CVE-2025-68973 (GCVE-0-2025-68973)
Vulnerability from cvelistv5 – Published: 2025-12-28 16:19 – Updated: 2026-01-14 19:04
Summary
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
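Severity
7.8 (High) — CVSS 3.1 base score from the CNA (mitre), vector CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N. The NVD data embedded in this record gives a different primary assessment for the same issue: 7.0 (High), vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H.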
CWE
- CWE-675 - Multiple Operations on Resource in Single-Operation Context (CNA classification; the NVD data embedded in this record lists CWE-787 as its primary weakness)
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68973",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-29T16:22:29.534824Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-29T16:22:32.478Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://gpg.fail/memcpy"
}
],
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2026-01-14T19:04:33.329Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://www.openwall.com/lists/oss-security/2025/12/29/11"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GnuPG",
"vendor": "GnuPG",
"versions": [
{
"lessThan": "2.2.51",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "2.4.9",
"status": "affected",
"version": "2.3.0",
"versionType": "semver"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.2.51",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*",
"versionEndExcluding": "2.4.9",
"versionStartIncluding": "2.3.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-675",
"description": "CWE-675 Multiple Operations on Resource in Single-Operation Context",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-02T20:43:57.832Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://gpg.fail/memcpy"
},
{
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
},
{
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"url": "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51"
},
{
"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i"
}
],
"x_generator": {
"engine": "CVE-Request-form 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2025-68973",
"datePublished": "2025-12-28T16:19:11.019Z",
"dateReserved": "2025-12-28T16:19:10.762Z",
"dateUpdated": "2026-01-14T19:04:33.329Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-68973\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-12-28T17:16:01.500\",\"lastModified\":\"2026-01-14T19:16:46.857\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.4,\"impactScore\":5.8},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.0,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.0,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"cve@mitre.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-675\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*\",\"versionEndIncluding\":\"2.4.8\",\"matchCriteriaId\":\"8D4239B3-0B8A-4E14-9E33-DD52A3F8FF25\"}]}]}],\"references\":[
{\"url\":\"https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://gpg.fail/memcpy\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://news.ycombinator.com/item?id=46403200\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2025/12/28/5\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/12/29/11\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://gpg.fail/memcpy\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Broken Link\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.openwall.com/lists/oss-security/2025/12/29/11\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2026-01-14T19:04:33.329Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-68973\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-29T16:22:29.534824Z\"}}}], \"references\": [{\"url\": \"https://gpg.fail/memcpy\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-29T16:22:23.591Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"GnuPG\", \"product\": \"GnuPG\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"2.2.51\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"2.3.0\", \"lessThan\": \"2.4.9\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"references\": [{\"url\": \"https://gpg.fail/memcpy\"}, {\"url\": \"https://news.ycombinator.com/item?id=46403200\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2025/12/28/5\"}, 
{\"url\": \"https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9\"}, {\"url\": \"https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306\"}, {\"url\": \"https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51\"}, {\"url\": \"https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i\"}], \"x_generator\": {\"engine\": \"CVE-Request-form 0.0.1\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-675\", \"description\": \"CWE-675 Multiple Operations on Resource in Single-Operation Context\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.2.51\"}, {\"criteria\": \"cpe:2.3:a:gnupg:gnupg:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"2.4.9\", \"versionStartIncluding\": \"2.3.0\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2026-01-02T20:43:57.832Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-68973\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-01-14T19:04:33.329Z\", \"dateReserved\": \"2025-12-28T16:19:10.762Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-12-28T16:19:11.019Z\", \"assignerShortName\": \"mitre\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2025-2928
Vulnerability from csaf_certbund - Published: 2025-12-28 23:00 - Updated: 2026-02-04 23:00
Summary
GnuPG: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
GNU Privacy Guard (GnuPG) ist ein quelloffenes Verschlüsselungs Tool
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in GnuPG ausnutzen, um Sicherheitsvorkehrungen zu umgehen und weitere, nicht spezifizierte Auswirkungen zu verursachen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "GNU Privacy Guard (GnuPG) ist ein quelloffenes Verschl\u00fcsselungs Tool",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in GnuPG ausnutzen, um Sicherheitsvorkehrungen zu umgehen und weitere, nicht spezifizierte Auswirkungen zu verursachen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2928 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2928.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2928 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2928"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2025-12-28",
"url": "https://seclists.org/oss-sec/2025/q4/311"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-12-28",
"url": "https://github.com/advisories/GHSA-w789-3q45-984r"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-12-28",
"url": "https://github.com/advisories/GHSA-PJ23-86WW-F72P"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:10001-1 vom 2026-01-02",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/LHWSYBDDRKDBJGNQZMJ25ELH3KFSH5WT/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7946-2 vom 2026-01-08",
"url": "https://ubuntu.com/security/notices/USN-7946-2"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7946-1 vom 2026-01-09",
"url": "https://ubuntu.com/security/notices/USN-7946-1"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4437 vom 2026-01-14",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0697 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0697"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0719 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0719"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2026:20029-1 vom 2026-01-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WC6TBD5ICFFBQXXMJC7MZYWDYPVY3GC3/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0697 vom 2026-01-15",
"url": "https://linux.oracle.com/errata/ELSA-2026-0697.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0719 vom 2026-01-16",
"url": "https://linux.oracle.com/errata/ELSA-2026-0719.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0728 vom 2026-01-15",
"url": "https://access.redhat.com/errata/RHSA-2026:0728"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-0728 vom 2026-01-16",
"url": "https://linux.oracle.com/errata/ELSA-2026-0728.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0761 vom 2026-01-19",
"url": "https://access.redhat.com/errata/RHSA-2026:0761"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0697 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0697"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0728 vom 2026-01-17",
"url": "https://errata.build.resf.org/RLSA-2026:0728"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2026:0719 vom 2026-01-20",
"url": "https://errata.build.resf.org/RLSA-2026:0719"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20080-1 vom 2026-01-20",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023818.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2026-3125 vom 2026-01-22",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2026-3125.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0935 vom 2026-01-21",
"url": "https://access.redhat.com/errata/RHSA-2026:0935"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:0974 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:0974"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1014 vom 2026-01-22",
"url": "https://access.redhat.com/errata/RHSA-2026:1014"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0215-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023870.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0214-1 vom 2026-01-22",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023871.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:20108-1 vom 2026-01-23",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023880.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1229 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:1229"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1230 vom 2026-01-26",
"url": "https://access.redhat.com/errata/RHSA-2026:1230"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1468 vom 2026-01-28",
"url": "https://access.redhat.com/errata/RHSA-2026:1468"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1517 vom 2026-01-29",
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1652 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1652"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1677 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1677"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1629 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1629"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1705 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1705"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1736 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1736"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1719 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1719"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1858 vom 2026-02-03",
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1859 vom 2026-02-03",
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2026:0378-1 vom 2026-02-04",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-February/024043.html"
}
],
"source_lang": "en-US",
"title": "GnuPG: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-04T23:00:00.000+00:00",
"generator": {
"date": "2026-02-05T09:40:14.035+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2928",
"initial_release_date": "2025-12-28T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-12-28T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-04T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2026-01-08T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2026-01-14T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-01-15T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat, openSUSE und Oracle Linux aufgenommen"
},
{
"date": "2026-01-18T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-19T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2026-01-21T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Amazon und Red Hat aufgenommen"
},
{
"date": "2026-01-22T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat und SUSE aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-27T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-01T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=2.4.8",
"product": {
"name": "Open Source GnuPG \u003c=2.4.8",
"product_id": "6156D629-66DD-44D1-8D71-41391E055F5A"
}
},
{
"category": "product_version_range",
"name": "\u003c=2.4.8",
"product": {
"name": "Open Source GnuPG \u003c=2.4.8",
"product_id": "6156D629-66DD-44D1-8D71-41391E055F5A-fixed"
}
}
],
"category": "product_name",
"name": "GnuPG"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68972",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T032255"
],
"last_affected": [
"6156D629-66DD-44D1-8D71-41391E055F5A"
]
},
"release_date": "2025-12-28T23:00:00.000+00:00",
"title": "CVE-2025-68972"
},
{
"cve": "CVE-2025-68973",
"product_status": {
"known_affected": [
"2951",
"T002207",
"67646",
"T000126",
"T027843",
"398363",
"T004914",
"T032255"
],
"last_affected": [
"6156D629-66DD-44D1-8D71-41391E055F5A"
]
},
"release_date": "2025-12-28T23:00:00.000+00:00",
"title": "CVE-2025-68973"
}
]
}
RHSA-2026:1230
Vulnerability from csaf_redhat - Published: 2026-01-26 16:16 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1230",
"url": "https://access.redhat.com/errata/RHSA-2026:1230"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1230.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:20+00:00",
"generator": {
"date": "2026-02-03T20:56:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1230",
"initial_release_date": "2026-01-26T16:16:34+00:00",
"revision_history": [
{
"date": "2026-01-26T16:16:34+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-26T16:16:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.4::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_4.1.src",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.src",
"product_id": "gnupg2-0:2.3.3-4.el9_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.src",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"product_id": "AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "AppStream-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.src",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.4)",
"product_id": "BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"relates_to_product_reference": "BaseOS-9.4.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG's `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
],
"known_not_affected": [
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-26T16:16:34+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1230"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"AppStream-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"AppStream-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.src",
"BaseOS-9.4.0.Z.EUS:gnupg2-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_4.1.x86_64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.aarch64",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.ppc64le",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.s390x",
"BaseOS-9.4.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0728
Vulnerability from csaf_redhat - Published: 2026-01-15 21:34 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0728",
"url": "https://access.redhat.com/errata/RHSA-2026:0728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0728.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:18+00:00",
"generator": {
"date": "2026-02-03T20:56:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:0728",
"initial_release_date": "2026-01-15T21:34:05+00:00",
"revision_history": [
{
"date": "2026-01-15T21:34:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T21:34:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.src",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.src",
"product_id": "gnupg2-0:2.2.20-4.el8_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-4.el8_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-4.el8_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.src as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.src",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 8)",
"product_id": "BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64",
"relates_to_product_reference": "BaseOS-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T21:34:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0728"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.src",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debuginfo-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-debugsource-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-0:2.2.20-4.el8_10.x86_64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.aarch64",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.ppc64le",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.s390x",
"BaseOS-8.10.0.Z.MAIN.EUS:gnupg2-smime-debuginfo-0:2.2.20-4.el8_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1468
Vulnerability from csaf_redhat - Published: 2026-01-28 07:58 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1468",
"url": "https://access.redhat.com/errata/RHSA-2026:1468"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1468.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:21+00:00",
"generator": {
"date": "2026-02-03T20:56:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1468",
"initial_release_date": "2026-01-28T07:58:16+00:00",
"revision_history": [
{
"date": "2026-01-28T07:58:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T07:58:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.9-1.el8_2.1.src",
"product": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.src",
"product_id": "gnupg2-0:2.2.9-1.el8_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.9-1.el8_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.9-1.el8_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.9-1.el8_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src"
},
"product_reference": "gnupg2-0:2.2.9-1.el8_2.1.src",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v. 8.2)",
"product_id": "BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"relates_to_product_reference": "BaseOS-8.2.0.Z.AUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T07:58:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1468"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.src",
"BaseOS-8.2.0.Z.AUS:gnupg2-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debuginfo-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-debugsource-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-0:2.2.9-1.el8_2.1.x86_64",
"BaseOS-8.2.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.9-1.el8_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1517
Vulnerability from csaf_redhat - Published: 2026-01-28 22:40 - Updated: 2026-02-09 13:26
Summary
Red Hat Security Advisory: RHACS 4.8.8 security and bug fix update
Notes
Topic
Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details
See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1517",
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66564",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68428",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-488_release-notes-48",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.8/html-single/release_notes/index#about-this-release-488_release-notes-48"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1517.json"
}
],
"title": "Red Hat Security Advisory: RHACS 4.8.8 security and bug fix update",
"tracking": {
"current_release_date": "2026-02-09T13:26:52+00:00",
"generator": {
"date": "2026-02-09T13:26:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.1"
}
},
"id": "RHSA-2026:1517",
"initial_release_date": "2026-01-28T22:40:02+00:00",
"revision_history": [
{
"date": "2026-01-28T22:40:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-28T22:40:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-09T13:26:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.8",
"product": {
"name": "Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.8::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Aca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Af23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ab22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ad353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ac7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Aeb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Aeaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Affc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Acfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ab60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ad480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ac69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ae7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Adb0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Afe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Af5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Ae292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Adeea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Aec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769010086"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Af96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Adcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Acc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ad5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769125501"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security\u0026tag=1769615659"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64 as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le as a component of Red Hat Advanced Cluster Security 4.8",
"product_id": "Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.8"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions by crafting ASN.1 (Abstract Syntax Notation One) structures that desynchronize schema validation, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "Forge (also called `node-forge`) is a native implementation of Transport Layer Security in JavaScript. An Uncontrolled Recursion vulnerability in node-forge versions 1.3.1 and below allows remote, unauthenticated attackers to trigger unbounded recursive parsing by supplying deeply nested ASN.1 structures. This leads to a Denial-of-Service (DoS) via stack exhaustion when parsing untrusted DER inputs. This issue has been patched in version 1.3.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available, or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat because Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2025-66564",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:11.786030+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419054"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Sigstore Timestamp Authority. This vulnerability allows a denial of service via excessive memory allocation when processing a specially crafted Object Identifier or Content-Type header.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The Sigstore Timestamp Authority, a service for issuing RFC 3161 timestamps, is prone to excessive memory allocation. This occurs when processing untrusted OID payloads with many period characters or malformed Content-Type headers. An unauthenticated attacker could exploit this flaw to trigger a denial of service in affected Red Hat products that utilize this component.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product's status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66564"
},
{
"category": "external",
"summary": "RHBZ#2419054",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419054"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66564",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66564"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421",
"url": "https://github.com/sigstore/timestamp-authority/commit/0cae34e197d685a14904e0bad135b89d13b69421"
},
{
"category": "external",
"summary": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh",
"url": "https://github.com/sigstore/timestamp-authority/security/advisories/GHSA-4qg8-fj49-pxjh"
}
],
"release_date": "2025-12-04T22:37:13.307000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/timestamp-authority: Sigstore Timestamp Authority: Denial of Service via excessive OID or Content-Type header parsing"
},
{
"cve": "CVE-2025-68428",
"cwe": {
"id": "CWE-73",
"name": "External Control of File Name or Path"
},
"discovery_date": "2026-01-05T22:01:15.703824+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427236"
}
],
"notes": [
{
"category": "description",
"text": "jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents are included verbatim in the generated PDFs. Other affected methods are `addImage`, `html`, and `addFont`. Only the node.js builds of the library are affected, namely the `dist/jspdf.node.js` and `dist/jspdf.node.min.js` files. The vulnerability has been fixed in jsPDF@4.0.0. This version restricts file system access by default. This semver-major update does not introduce other breaking changes. Some workarounds are available. With recent node versions, jsPDF recommends using the `--permission` flag in production. The feature was introduced experimentally in v20.0.0 and has been stable since v22.13.0/v23.5.0/v24.0.0. For older node versions, sanitize user-provided paths before passing them to jsPDF.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68428"
},
{
"category": "external",
"summary": "RHBZ#2427236",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427236"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68428",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68428"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68428"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d",
"url": "https://github.com/parallax/jsPDF/commit/a688c8f479929b24a6543b1fa2d6364abb03066d"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0",
"url": "https://github.com/parallax/jsPDF/releases/tag/v4.0.0"
},
{
"category": "external",
"summary": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2",
"url": "https://github.com/parallax/jsPDF/security/advisories/GHSA-f8cm-6447-x5h2"
}
],
"release_date": "2026-01-05T21:43:55.169000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jspdf: jsPDF Local File Inclusion/Path Traversal vulnerability"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which increments an index variable twice where a single increment is intended, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "React Router is a router for React. In @remix-run/router versions prior to 1.23.2 and react-router 7.0.0 through 7.11.0, React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended JavaScript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect. There is no impact if Declarative Mode (\u003cBrowserRouter\u003e) is being used. This issue has been patched in @remix-run/router version 1.23.2 and react-router version 7.12.0.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-28T22:40:02+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1517"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:189126988989d9ea557c1356386ee5a7443d5cb01717e0d974f0603a2b659130_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:452b98b484516602e84835289b97d3ce5bfea4de66996fc66381a74e5f47ab44_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:db0681aece90f0ecbd6cebe7dbc60ba59f02258a27cdae938752a7e9dbaf475d_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:eaea088de3ff04166ec467b67d70f55662a2917441d3d9d4e8dd39677031bc4c_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:5271f61b08c3c593db3285d7d68014792440944ee38c2fff1839f2d401cc27ad_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:69cbd0e1ffe7abde1ac760e74088a5f98c529fa22b426dd15de013c7308bf325_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:97949783533ac35c4c48c3bdfcb5306853779e82b101e52fdc2f95923d4d071f_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:ca3b14d4dc352c45cfab525c2c4e2c703c46a948022634b1d023ac27fbf57f89_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:2b5ba43a096f738c776e4fc95ac5afabbe1b80826c7350f85f0ca5987f412406_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:438b4904d97ca6cd51284955f284c0b078af30859460eb1ed608e20535ccc2c8_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:f96217aeff1a39024700537986dca70ce7e94949c91c3da815dc715ef6588044_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:fe5172976364ca5ef1bd83d25b5a51497d51782ef30706ccbceae3db64d10019_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:b22341e8dfba8b10b70f21f3b597c02874bae485c07517402db0930397d82688_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:074255ff15e39c96ccb0dac16df03a8f3066afa4f2f6d81588e11d0cff5f7dd6_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:194bed8ce4509622b1802b5b6c528e34c4fa610e7ca2894d2c5a34874e1e393f_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:f23f9417f4dc4631bb2ab5e51e95d3a28ea7511f96a12f5d717353db4a1b40cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:ffc6d43eb11c5cc4672b73597b6cfe0dce6356f40777f4ab2dc26aa1f74cf957_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:678b96caceeb30a64c2f43395ab291e3035fa122d46eb9d2289e77bfc6b4c3b2_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:cfa4cd81826c4f945fdb2900aa16028919ad0737beb15c424162a34c1f86a46b_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:d353cd9e8305138cc186affd8d68256061ca2113208c8969a5b0fa7b4c1eab24_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:dcfa45646e951547da04021f3f35d7262a95f565366a1c5ebbf12532f783f686_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:9386cdac44378229ee4bbae348924e496738eadbb30a5a338886280a5361c91a_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:b60ce2debac0fa9a6f0a125775df71c175aa1a0d25489cc63e1caf98464fb6b3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:cc3f28d099d73edfd4a234b5c6bdd52299a7b3fec9b25275aca413b64c9320e3_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:f5a834aae45dabf73e50ef426ac18c2a4737c99373aa8705b60778cfa6faebe4_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:670450f25d9a48e836d7ea6196f7da036dde40a13c87ac4e56821a6c255820b1_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:d480afc91510b9422e2d227813052a6a25a759bdd0fee683e399d3dcfa08ab29_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:e292fc02185514b2e246e4ca7e23572bf24d64b72bb503e80b5f43411d6dd585_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:eb98140ad6ba3fe2b9fee5f59130671b490cf2849f5fb68a2abc51748d97ff8d_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:14f23c5a1b81122d6c019ee470617da0e4597b9aac42c008797c0be8a0c14b45_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:5180c88b2677bb366aea5af964bf40c1bad8bbf4c33cefaba87ce6c22e9e8e17_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:87359ad896ce3ecce5da9763a34f18b0481cbad50b4f3b0130b948e57645f818_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:c7a63ddb83702fc56250aaf0bf090db1038d7d29eb6025b6e9bc717e3cb3ced4_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:1ae07e2c03ed0497812c7f716d05358367bcd6aec9f25141658a86cba4f9361e_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:8e4a29ad6b0e226e055bc56ef73b751a94f35fe06e83cf021b1a23204fab64cd_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:d5242d47d9ce958769e5986d54eee1522b19341677ef2051bfea3c72b4b86ce5_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:deea39a769a89ac2ac4ea6470d4865de5802331e36b81ac167526b7cd92713fa_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1a3802e374386dd277f1e806a0cc7cdd9327dd57900df2e8af373acb0501a862_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:1b160193dd2e7612a7cd95e2f3e2863fae06c51b29afe8e67d57fa80ec703884_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:e7e8edfbe4e6a55628f4d161d42d375f41e45e9bac792e1d33aadb3dbcafe471_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f7687becdf95ecf98b9fadbc501163c3bc2f4b1906fd59c19ad6717a1897f8e8_ppc64le",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:1c5cb619fc844a48f79d2996d8c2239bab7077845d404184515d4e7df7afdc6e_s390x",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:4586e2f4308662e5ff54d15fb4a7839982fd59a74a7e0534b7df0537c65da3e7_amd64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:c69235da18dcccc515f64615d6e2313423520cff6c3d32b87b2c3e1f1069ffa3_arm64",
"Red Hat Advanced Cluster Security 4.8:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:ec4c412b018affc913dd6e50fa1ecaba47993619102a235572d30eb354af3599_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
}
]
}
RHSA-2026:1677
Vulnerability from csaf_redhat - Published: 2026-02-02 07:37 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1677",
"url": "https://access.redhat.com/errata/RHSA-2026:1677"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1677.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:24+00:00",
"generator": {
"date": "2026-02-03T20:56:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1677",
"initial_release_date": "2026-02-02T07:37:37+00:00",
"revision_history": [
{
"date": "2026-02-02T07:37:37+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T07:37:37+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_els:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.src",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.src",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"product": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"product_id": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.0.22-5.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.0.22-5.el7_9.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"product_id": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.0.22-5.el7_9.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.src as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.src",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7 ELS)",
"product_id": "7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.src as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.src",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"relates_to_product_reference": "7Server-optional-ELS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7 ELS)",
"product_id": "7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"relates_to_product_reference": "7Server-optional-ELS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T07:37:37+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1677"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.src",
"7Server-optional-ELS:gnupg2-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-debuginfo-0:2.0.22-5.el7_9.1.x86_64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.ppc64le",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.s390x",
"7Server-optional-ELS:gnupg2-smime-0:2.0.22-5.el7_9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1719
Vulnerability from csaf_redhat - Published: 2026-02-02 14:09 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1719",
"url": "https://access.redhat.com/errata/RHSA-2026:1719"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1719.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:26+00:00",
"generator": {
"date": "2026-02-03T20:56:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1719",
"initial_release_date": "2026-02-02T14:09:38+00:00",
"revision_history": [
{
"date": "2026-02-02T14:09:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T14:09:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.0::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.src",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.src",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.src",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"product_id": "AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.src",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.0)",
"product_id": "BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"relates_to_product_reference": "BaseOS-9.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T14:09:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1719"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"AppStream-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"AppStream-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.src",
"BaseOS-9.0.0.Z.E4S:gnupg2-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_0.1.x86_64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.aarch64",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.ppc64le",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.s390x",
"BaseOS-9.0.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0935
Vulnerability from csaf_redhat - Published: 2026-01-21 19:09 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0935",
"url": "https://access.redhat.com/errata/RHSA-2026:0935"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0935.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:18+00:00",
"generator": {
"date": "2026-02-03T20:56:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:0935",
"initial_release_date": "2026-01-21T19:09:27+00:00",
"revision_history": [
{
"date": "2026-01-21T19:09:27+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-21T19:09:27+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.8::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.8::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_8.1.src",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.src",
"product_id": "gnupg2-0:2.2.20-3.el8_8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_8.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_8.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_8.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.src",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.8)",
"product_id": "BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"relates_to_product_reference": "BaseOS-8.8.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-21T19:09:27+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0935"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.E4S:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.ppc64le",
"BaseOS-8.8.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.src",
"BaseOS-8.8.0.Z.TUS:gnupg2-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_8.1.x86_64",
"BaseOS-8.8.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0719
Vulnerability from csaf_redhat - Published: 2026-01-15 17:17 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0719",
"url": "https://access.redhat.com/errata/RHSA-2026:0719"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0719.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:17+00:00",
"generator": {
"date": "2026-02-03T20:56:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:0719",
"initial_release_date": "2026-01-15T17:17:05+00:00",
"revision_history": [
{
"date": "2026-01-15T17:17:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T17:17:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"product_id": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"product_id": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"product_id": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-5.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.s390x",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.s390x",
"product_id": "gnupg2-0:2.3.3-5.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-5.el9_7.src",
"product": {
"name": "gnupg2-0:2.3.3-5.el9_7.src",
"product_id": "gnupg2-0:2.3.3-5.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-5.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.src as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.src",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 9)",
"product_id": "BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"relates_to_product_reference": "BaseOS-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which increments an index variable twice where a single increment is intended, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T17:17:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0719"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"AppStream-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.src",
"BaseOS-9.7.0.Z.MAIN:gnupg2-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debuginfo-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-debugsource-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-0:2.3.3-5.el9_7.x86_64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.aarch64",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.ppc64le",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.s390x",
"BaseOS-9.7.0.Z.MAIN:gnupg2-smime-debuginfo-0:2.3.3-5.el9_7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1705
Vulnerability from csaf_redhat - Published: 2026-02-02 11:41 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1705",
"url": "https://access.redhat.com/errata/RHSA-2026:1705"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1705.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:25+00:00",
"generator": {
"date": "2026-02-03T20:56:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1705",
"initial_release_date": "2026-02-02T11:41:03+00:00",
"revision_history": [
{
"date": "2026-02-02T11:41:03+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T11:41:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:9.2::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:9.2::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.src",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.src",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-2.el9_2.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-2.el9_2.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.src",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"product_id": "AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "AppStream-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.src",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.9.2)",
"product_id": "BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"relates_to_product_reference": "BaseOS-9.2.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T11:41:03+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1705"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"AppStream-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"AppStream-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.src",
"BaseOS-9.2.0.Z.E4S:gnupg2-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debuginfo-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-debugsource-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-0:2.3.3-2.el9_2.1.x86_64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.aarch64",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.ppc64le",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.s390x",
"BaseOS-9.2.0.Z.E4S:gnupg2-smime-debuginfo-0:2.3.3-2.el9_2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1229
Vulnerability from csaf_redhat - Published: 2026-01-26 16:26 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 9.6 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1229",
"url": "https://access.redhat.com/errata/RHSA-2026:1229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1229.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:23+00:00",
"generator": {
"date": "2026-02-03T20:56:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1229",
"initial_release_date": "2026-01-26T16:26:39+00:00",
"revision_history": [
{
"date": "2026-01-26T16:26:39+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-26T16:26:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:9.6::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus:9.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.3.3-4.el9_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.3.3-4.el9_6.1.src",
"product": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.src",
"product_id": "gnupg2-0:2.3.3-4.el9_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.3.3-4.el9_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.src",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"product_id": "AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "AppStream-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.src",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v.9.6)",
"product_id": "BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"relates_to_product_reference": "BaseOS-9.6.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
],
"known_not_affected": [
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-26T16:26:39+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1229"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"AppStream-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"AppStream-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.src",
"BaseOS-9.6.0.Z.EUS:gnupg2-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debuginfo-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-debugsource-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-0:2.3.3-4.el9_6.1.x86_64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.aarch64",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.ppc64le",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.s390x",
"BaseOS-9.6.0.Z.EUS:gnupg2-smime-debuginfo-0:2.3.3-4.el9_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0974
Vulnerability from csaf_redhat - Published: 2026-01-22 06:57 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.6 Telecommunications Update Service.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0974",
"url": "https://access.redhat.com/errata/RHSA-2026:0974"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0974.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:19+00:00",
"generator": {
"date": "2026-02-03T20:56:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:0974",
"initial_release_date": "2026-01-22T06:57:36+00:00",
"revision_history": [
{
"date": "2026-01-22T06:57:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-22T06:57:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_e4s:8.6::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_tus:8.6::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.src",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-3.el8_6.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-3.el8_6.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS E4S (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.src as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.src",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS TUS (v.8.6)",
"product_id": "BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"relates_to_product_reference": "BaseOS-8.6.0.Z.TUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T06:57:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0974"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.AUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.E4S:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.aarch64",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.ppc64le",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.s390x",
"BaseOS-8.6.0.Z.E4S:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.src",
"BaseOS-8.6.0.Z.TUS:gnupg2-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debuginfo-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-debugsource-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-0:2.2.20-3.el8_6.1.x86_64",
"BaseOS-8.6.0.Z.TUS:gnupg2-smime-debuginfo-0:2.2.20-3.el8_6.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1014
Vulnerability from csaf_redhat - Published: 2026-01-22 15:48 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1014",
"url": "https://access.redhat.com/errata/RHSA-2026:1014"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1014.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:20+00:00",
"generator": {
"date": "2026-02-03T20:56:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1014",
"initial_release_date": "2026-01-22T15:48:38+00:00",
"revision_history": [
{
"date": "2026-01-22T15:48:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-22T15:48:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_aus:8.4::baseos"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-2.el8_4.1.src",
"product": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.src",
"product_id": "gnupg2-0:2.2.20-2.el8_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-2.el8_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.2.20-2.el8_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.2.20-2.el8_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.src as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS AUS (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.src as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.src",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)",
"product_id": "BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"relates_to_product_reference": "BaseOS-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
],
"known_not_affected": [
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-22T15:48:38+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1014"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.AUS:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.AUS:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.src",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debuginfo-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-debugsource-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-0:2.2.20-2.el8_4.1.x86_64",
"BaseOS-8.4.0.Z.EUS.EXTENSION:gnupg2-smime-debuginfo-0:2.2.20-2.el8_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1629
Vulnerability from csaf_redhat - Published: 2026-02-02 01:57 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 10.0 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1629",
"url": "https://access.redhat.com/errata/RHSA-2026:1629"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1629.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:23+00:00",
"generator": {
"date": "2026-02-03T20:56:23+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1629",
"initial_release_date": "2026-02-02T01:57:21+00:00",
"revision_history": [
{
"date": "2026-02-02T01:57:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-02T01:57:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:23+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux_eus:10.0"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-2.el10_0.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-2.el10_0.1.src",
"product": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.src",
"product_id": "gnupg2-0:2.4.5-2.el10_0.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-2.el10_0.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.src",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"product_id": "AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "AppStream-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.src as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.src",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64 as a component of Red Hat Enterprise Linux BaseOS EUS (v. 10.0)",
"product_id": "BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"relates_to_product_reference": "BaseOS-10.0.Z.E2S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-02T01:57:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1629"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"AppStream-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"AppStream-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.src",
"BaseOS-10.0.Z.E2S:gnupg2-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debuginfo-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-debugsource-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-0:2.4.5-2.el10_0.1.x86_64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.aarch64",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.ppc64le",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.s390x",
"BaseOS-10.0.Z.E2S:gnupg2-smime-debuginfo-0:2.4.5-2.el10_0.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1859
Vulnerability from csaf_redhat - Published: 2026-02-03 17:24 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update
Notes
Topic
An updated OpenShift Compliance Operator image that fixes various bugs and adds new
enhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.
Details
The OpenShift Compliance Operator v1.8.2 is now available.
See the documentation for bug fix information:
https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated OpenShift Compliance Operator image that fixes various bugs and adds new\nenhancements is now available for the Red Hat OpenShift Enterprise 4 catalog.",
"title": "Topic"
},
{
"category": "general",
"text": "The OpenShift Compliance Operator v1.8.2 is now available.\nSee the documentation for bug fix information:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/security_and_compliance/compliance-operator#compliance-operator-release-notes",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1859",
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1859.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Compliance Operator bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-02-03T20:56:16+00:00",
"generator": {
"date": "2026-02-03T20:56:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1859",
"initial_release_date": "2026-02-03T17:24:45+00:00",
"revision_history": [
{
"date": "2026-02-03T17:24:45+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-03T17:24:53+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Compliance Operator 1",
"product": {
"name": "Compliance Operator 1",
"product_id": "Compliance Operator 1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_compliance_operator:1::el9"
}
}
}
],
"category": "product_family",
"name": "Compliance Operator"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-operator-bundle@sha256%3Addc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769512879"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ab28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3Ac49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3Ab91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2?arch=amd64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Ac3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ac630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371?arch=arm64\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3A20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3Ad4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b?arch=ppc64le\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-content-rhel8@sha256%3Aeba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769190317"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-must-gather-rhel8@sha256%3A616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458927"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-openscap-rhel8@sha256%3A381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769483309"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product_id": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openshift-compliance-rhel8-operator@sha256%3A1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd?arch=s390x\u0026repository_url=registry.redhat.io/compliance\u0026tag=1769458916"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"relates_to_product_reference": "Compliance Operator 1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64 as a component of Compliance Operator 1",
"product_id": "Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
},
"product_reference": "registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64",
"relates_to_product_reference": "Compliance Operator 1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
],
"known_not_affected": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:24:45+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your\nsystem have been applied. For details on how to apply this update, refer to:\n \nhttps://docs.openshift.com/container-platform/latest/updating/updating_a_cluster/updating-cluster-cli.html",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1859"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:1f64fb6c815987f02e1f9145bdf0b92fde122a5592cb9c6e3e734c7fbfe0423f_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:20e46e06977b41e0023503744d1a6b369cc625b71ca2c0499638e07642e8f497_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:c3be1b6c7f4a941ea8ce04911a6ad4e131d68edaf740202edd3d8e81a5ada121_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-content-rhel8@sha256:eba79d28a525f781c99f256a5aea19f2c32c1642b47a75cadeccc1becbf4c03e_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:616471362a3255231b1b2f5434aa1fdde078570543b1ccee23a74272cff3f2b5_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:b28e5ae6585ee33cbe4b18240dc05654c97960174beafca7575e9e0e452f7fb0_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:c630e73e617cf3ae94ded4961051c230ac51cab6c65f2067811e193aab489e8a_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-must-gather-rhel8@sha256:d4ac4dab190256aefd49d3bcf91747a6647dc1981b105499d3a933554643c350_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:050b381149997b5fbad2e60ff312e1559ee7c2efc67c822cc3e26a9c77c58749_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:05c4770c79444de006d6ee9fa05c678e2bc26bda6aa3306c5149e80e741c07b3_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:381e2f4b0aa56ebe408bb4a7b75edbc2b67ad972df8435ad4207b631c58b6047_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-openscap-rhel8@sha256:c49db2fec7a746afd40fe5883737a9e042fe1280f5eb7d1a4133b96e5f3febfa_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-operator-bundle@sha256:ddc2f107588e25d38af6eb58c7b106124f447deae8090ce4d78eead12487d1bf_amd64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:1ff94f69f055ccd48fe6c1c90c70302567a30dc9fdb548c8021bc041188673fd_s390x",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:281db2a4e1230228f5442ec70f09e78464171fe346722dbfdc2dbc277986767b_ppc64le",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:68ba04c2a97a1dbe3780ed8c6b86af3079584211e3d466f00dcd7a509281f371_arm64",
"Compliance Operator 1:registry.redhat.io/compliance/openshift-compliance-rhel8-operator@sha256:b91a28de45761e8aa69752b0120cfa9cbfa1eb9bdd291ab77241e2b23d15c5e2_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:1858
Vulnerability from csaf_redhat - Published: 2026-02-03 17:17 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: Red Hat Ceph Storage
Notes
Topic
A new version of Red Hat build of Ceph Storage has been released
Details
The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.
This release updates to the latest version.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of Red Hat build of Ceph Storage has been released",
"title": "Topic"
},
{
"category": "general",
"text": "The Red Hat Storage Ceph container images are based on the latest ubi9 base image and Ceph 7.1.\nThis release updates to the latest version.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:1858",
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-45582",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6069",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61984",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61985",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68973",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-8291",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/",
"url": "https://docs.redhat.com/en/documentation/red_hat_ceph_storage/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_1858.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Ceph Storage",
"tracking": {
"current_release_date": "2026-02-03T20:56:16+00:00",
"generator": {
"date": "2026-02-03T20:56:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:1858",
"initial_release_date": "2026-02-03T17:17:26+00:00",
"revision_history": [
{
"date": "2026-02-03T17:17:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-03T17:17:38+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Ceph Storage 7",
"product": {
"name": "Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:ceph_storage:7::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Ceph Storage"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Aeda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3A6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3Afb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111?arch=amd64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ace94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18?arch=arm64\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3Ad87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3A5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ac8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4?arch=s390x\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product_id": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/grafana-rhel9@sha256%3A82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769523636"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-haproxy-rhel9@sha256%3A70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769511650"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product_id": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/keepalived-rhel9@sha256%3Af40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769514555"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-promtail-rhel9@sha256%3Ad2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769513068"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product_id": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhceph-7-rhel9@sha256%3A72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769508455"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product_id": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/snmp-notifier-rhel9@sha256%3A8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba?arch=ppc64le\u0026repository_url=registry.redhat.io/rhceph\u0026tag=1769512818"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x"
},
"product_reference": "registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64 as a component of Red Hat Ceph Storage 7",
"product_id": "Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
},
"product_reference": "registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64",
"relates_to_product_reference": "Red Hat Ceph Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6069",
"cwe": {
"id": "CWE-1333",
"name": "Inefficient Regular Expression Complexity"
},
"discovery_date": "2025-06-17T14:00:45.339399+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2373234"
}
],
"notes": [
{
"category": "description",
"text": "A denial-of-service (DoS) vulnerability has been discovered in Python\u0027s html.parser.HTMLParser class. When processing specially malformed HTML input, the parsing runtime can become quadratic with respect to the input size. This significantly increased processing time can lead to excessive resource consumption, ultimately causing a denial-of-service condition in applications that rely on this parser.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: Python HTMLParser quadratic complexity",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6069"
},
{
"category": "external",
"summary": "RHBZ#2373234",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373234"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6069",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6069"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6069"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949",
"url": "https://github.com/python/cpython/commit/4455cbabf991e202185a25a631af206f60bbc949"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41",
"url": "https://github.com/python/cpython/commit/6eb6c5dbfb528bd07d77b60fd71fd05d81d45c41"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b",
"url": "https://github.com/python/cpython/commit/d851f8e258c7328814943e923a7df81bca15df4b"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/135462",
"url": "https://github.com/python/cpython/issues/135462"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/135464",
"url": "https://github.com/python/cpython/pull/135464"
}
],
"release_date": "2025-06-17T13:39:46.058000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: Python HTMLParser quadratic complexity"
},
{
"cve": "CVE-2025-8291",
"cwe": {
"id": "CWE-130",
"name": "Improper Handling of Length Parameter Inconsistency"
},
"discovery_date": "2025-10-07T19:01:23.599055+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402342"
}
],
"notes": [
{
"category": "description",
"text": "The \u0027zipfile\u0027 module would not check the validity of the ZIP64 End of\nCentral Directory (EOCD) Locator record offset value would not be used to\nlocate the ZIP64 EOCD record, instead the ZIP64 EOCD record would be\nassumed to be the previous record in the ZIP archive. This could be abused\nto create ZIP archives that are handled differently by the \u0027zipfile\u0027 module\ncompared to other ZIP implementations.\n\n\nRemediation maintains this behavior, but checks that the offset specified\nin the ZIP64 EOCD Locator record matches the expected value.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-8291"
},
{
"category": "external",
"summary": "RHBZ#2402342",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402342"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-8291"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267",
"url": "https://github.com/python/cpython/commit/162997bb70e067668c039700141770687bc8f267"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6",
"url": "https://github.com/python/cpython/commit/333d4a6f4967d3ace91492a39ededbcf3faa76a6"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/issues/139700",
"url": "https://github.com/python/cpython/issues/139700"
},
{
"category": "external",
"summary": "https://github.com/python/cpython/pull/139702",
"url": "https://github.com/python/cpython/pull/139702"
},
{
"category": "external",
"summary": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/",
"url": "https://mail.python.org/archives/list/security-announce@python.org/thread/QECOPWMTH4VPPJAXAH2BGTA4XADOP62G/"
}
],
"release_date": "2025-10-07T18:10:05.908000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "cpython: python: Python zipfile End of Central Directory (EOCD) Locator record offset not checked"
},
{
"cve": "CVE-2025-45582",
"cwe": {
"id": "CWE-24",
"name": "Path Traversal: \u0027../filedir\u0027"
},
"discovery_date": "2025-07-11T17:00:47.340822+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2379592"
}
],
"notes": [
{
"category": "description",
"text": "A relative path traversal flaw was found in the GNU tar utility. When archives with relative paths are extracted without the \u2018--keep-old-files\u2019 (\u2018-k\u2019) option, the extraction process may overwrite existing files that the current user has access to. The server may be impacted if these files are critical to the operation of some service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tar: Tar path traversal",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-45582"
},
{
"category": "external",
"summary": "RHBZ#2379592",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379592"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-45582",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-45582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-45582"
},
{
"category": "external",
"summary": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md",
"url": "https://github.com/i900008/vulndb/blob/main/Gnu_tar_vuln.md"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/",
"url": "https://www.gnu.org/software/tar/"
},
{
"category": "external",
"summary": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity",
"url": "https://www.gnu.org/software/tar/manual/html_node/Integrity.html#Integrity"
}
],
"release_date": "2025-07-11T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tar: Tar path traversal"
},
{
"cve": "CVE-2025-61984",
"cwe": {
"id": "CWE-159",
"name": "Improper Handling of Invalid Use of Special Elements"
},
"discovery_date": "2025-10-06T19:01:13.449665+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401960"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. (A configuration file that provides a complete literal username is not categorized as an untrusted source.)",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because OpenSSH is a critical component used across many Red Hat products.\nThe issue occurs only when a ProxyCommand is configured and the SSH client handles a username containing control characters from an untrusted source, such as script-generated input or expanded configuration values.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61984"
},
{
"category": "external",
"summary": "RHBZ#2401960",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401960"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61984",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61984"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61984"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Control characters in usernames can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-61985",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-10-06T19:01:16.841946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2401962"
}
],
"notes": [
{
"category": "description",
"text": "ssh in OpenSSH before 10.1 allows the \u0027\\0\u0027 character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is MODERATE because OpenSSH is a critical component used across many Red Hat products.\nExploiting this vulnerability would require a specific configuration where ProxyCommand is enabled and the SSH client processes an untrusted ssh:// URI containing null bytes. Under these conditions, the command parser may misinterpret the URI and execute unintended shell commands.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61985"
},
{
"category": "external",
"summary": "RHBZ#2401962",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2401962"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61985",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61985"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61985"
},
{
"category": "external",
"summary": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2",
"url": "https://marc.info/?l=openssh-unix-dev\u0026m=175974522032149\u0026w=2"
},
{
"category": "external",
"summary": "https://www.openssh.com/releasenotes.html#10.1p1",
"url": "https://www.openssh.com/releasenotes.html#10.1p1"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/10/06/1",
"url": "https://www.openwall.com/lists/oss-security/2025/10/06/1"
}
],
"release_date": "2025-10-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "openssh: OpenSSH: Null character in ssh:// URI can lead to code execution via ProxyCommand"
},
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"known_not_affected": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-03T17:17:26+00:00",
"details": "The container images provided by this update can be downloaded from the\nRed Hat container registry at registry.redhat.io using the \"podman pull\" command.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:1858"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:11773d80339a92f1499187a70646ff7530ed39051bfe5d9d7b2d1c0d8dd2c7e4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:82ba6ce7b61237d6495227b6664380ea1bf6a24445a5a8c880915beac6831028_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:ce94e6e42005e716f2abe0a1eb3e1a71b011d857bd0ad642fd9ee3a5750c0b18_arm64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/grafana-rhel9@sha256:d87ca1509ba91b81ff2d4a2fb02604f3ebdd2815e7d7d315a9331ef9da3180bf_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:5099084ae1fb27833a3ad6e0b5e2e2ce95b2dfd1170deff7bc6a9e9a581b6ca1_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:eda55f5ed31112e29d02cf0c14de39f0e0bd0136b46d6a3e578d45b01bd16a71_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/keepalived-rhel9@sha256:f40cc04bf9afa8265ead882d9f18550b4d69cc97bb647511b8f7c2f4d8f47247_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:72a6d9deb9325e43639230b2681640b15bab946025810258796f95315febb7f4_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7593f0bc7a6b312b5b686f0077443f11e9952128801809828e8bd3a73314c116_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-7-rhel9@sha256:7c82e63b4db275f455ef10b251a8093611ad07898386aaf01faad687b461b5d4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:274893247f4f33f5a3967d50053182476bc15d9c44cbb5a0ccf2e8e0127aa03f_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:57ac50e7fe4d964f6179837eede564a418972513757603b21215687eaa188aa1_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-haproxy-rhel9@sha256:70ba13e1c4c00e5795662b5bc3435484886df7b73c029e47b534765819162202_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:6a936e0f9f3ae65fea8f9ea292917fb2d24a786f4fa8b9a6f28423eb67bc47f4_amd64",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:c8a96598fc95bade62da70e55b47cabb56e63e2744ccbe81c9214ac25fca7a0a_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/rhceph-promtail-rhel9@sha256:d2540df6829a7e0fce0f973a103c59293fecdb75348172a6369046eee29fc4bf_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:28997406d0689952d39b9f3e3bb4c1855fa541d5d0493bba40437d56c10e27c4_s390x",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:8ac742804b615da940af01a71b3b6bc2dd8f6848bb0fa13317936a68223bcdba_ppc64le",
"Red Hat Ceph Storage 7:registry.redhat.io/rhceph/snmp-notifier-rhel9@sha256:fb42631731ce938f897178719946ca84110fe8dc359649d0071cc6d5b795c111_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
RHSA-2026:0697
Vulnerability from csaf_redhat - Published: 2026-01-15 11:30 - Updated: 2026-02-03 20:56
Summary
Red Hat Security Advisory: gnupg2 security update
Notes
Topic
An update for gnupg2 is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.
Security Fix(es):
* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for gnupg2 is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The GNU Privacy Guard (GnuPG or GPG) is a tool for encrypting data and creating digital signatures, compliant with OpenPGP and S/MIME standards.\n\nSecurity Fix(es):\n\n* GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write (CVE-2025-68973)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:0697",
"url": "https://access.redhat.com/errata/RHSA-2026:0697"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0697.json"
}
],
"title": "Red Hat Security Advisory: gnupg2 security update",
"tracking": {
"current_release_date": "2026-02-03T20:56:16+00:00",
"generator": {
"date": "2026-02-03T20:56:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHSA-2026:0697",
"initial_release_date": "2026-01-15T11:30:44+00:00",
"revision_history": [
{
"date": "2026-01-15T11:30:44+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-01-15T11:30:44+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-02-03T20:56:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"product_id": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"product_id": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.s390x",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.s390x",
"product_id": "gnupg2-0:2.4.5-3.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debugsource@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-debuginfo@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2-smime-debuginfo@2.4.5-3.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"product_id": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "gnupg2-0:2.4.5-3.el10_1.src",
"product": {
"name": "gnupg2-0:2.4.5-3.el10_1.src",
"product_id": "gnupg2-0:2.4.5-3.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/gnupg2@2.4.5-3.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.src as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.src",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"relates_to_product_reference": "BaseOS-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64 as a component of Red Hat Enterprise Linux BaseOS (v. 10)",
"product_id": "BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
},
"product_reference": "gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"relates_to_product_reference": "BaseOS-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"discovery_date": "2025-12-28T17:00:44.161022+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425966"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in GnuPG. An attacker can provide crafted input to the `armor_filter` function, which incorrectly increments an index variable, leading to an out-of-bounds write. This memory corruption vulnerability may allow for information disclosure and could potentially lead to arbitrary code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in GnuPG\u0027s `armor_filter` function allows an attacker with local access to provide crafted input, potentially leading to information disclosure and arbitrary code execution due to an out-of-bounds write. Exploitation requires high attack complexity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "RHBZ#2425966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"category": "external",
"summary": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"category": "external",
"summary": "https://gpg.fail/memcpy",
"url": "https://gpg.fail/memcpy"
},
{
"category": "external",
"summary": "https://news.ycombinator.com/item?id=46403200",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2025/12/28/5",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
}
],
"release_date": "2025-12-28T16:19:11.019000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-01-15T11:30:44+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:0697"
},
{
"category": "workaround",
"details": "To mitigate this issue, users should avoid processing untrusted or unverified input with GnuPG. Exercise caution when handling GnuPG-encrypted or signed data from unknown or suspicious sources, as specially crafted input could trigger the vulnerability. This operational control reduces the attack surface by limiting exposure to malicious data.",
"product_ids": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"AppStream-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"AppStream-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.src",
"BaseOS-10.1.Z:gnupg2-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debuginfo-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-debugsource-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-0:2.4.5-3.el10_1.x86_64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.aarch64",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.ppc64le",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.s390x",
"BaseOS-10.1.Z:gnupg2-smime-debuginfo-0:2.4.5-3.el10_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "GnuPG: GnuPG: Information disclosure and potential arbitrary code execution via out-of-bounds write"
}
]
}
SUSE-SU-2026:20108-1
Vulnerability from csaf_suse - Published: 2026-01-14 10:23 - Updated: 2026-01-14 10:23
Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
Patchnames
SUSE-SL-Micro-6.2-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).\n\nOther security fixes:\n\n- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).\n- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).\n- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SL-Micro-6.2-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20108-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20108-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620108-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20108-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023880.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-14T10:23:37Z",
"generator": {
"date": "2026-01-14T10:23:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20108-1",
"initial_release_date": "2026-01-14T10:23:37Z",
"revision_history": [
{
"date": "2026-01-14T10:23:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-2.5.5-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-2.5.5-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-2.5.5-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-2.5.5-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:transactional"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Micro 6.2",
"product_id": "SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Micro 6.2:gpg2-2.5.5-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-14T10:23:37Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
SUSE-SU-2026:0214-1
Vulnerability from csaf_suse - Published: 2026-01-22 12:09 - Updated: 2026-01-22 12:09
Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).
- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).
- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).
- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).
Patchnames
SUSE-2026-214,SUSE-SLE-Micro-5.3-2026-214,SUSE-SLE-Micro-5.4-2026-214,SUSE-SLE-Micro-5.5-2026-214,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-214,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-214,SUSE-SUSE-MicroOS-5.2-2026-214
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).\n- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).\n- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).\n- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-214,SUSE-SLE-Micro-5.3-2026-214,SUSE-SLE-Micro-5.4-2026-214,SUSE-SLE-Micro-5.5-2026-214,SUSE-SLE-Product-HPC-15-SP4-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP4-LTSS-2026-214,SUSE-SLE-Product-HPC-15-SP5-ESPOS-2026-214,SUSE-SLE-Product-HPC-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP4-LTSS-2026-214,SUSE-SLE-Product-SLES-15-SP5-LTSS-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP4-2026-214,SUSE-SLE-Product-SLES_SAP-15-SP5-2026-214,SUSE-SUSE-MicroOS-5.2-2026-214",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0214-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0214-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260214-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0214-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023871.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-22T12:09:32Z",
"generator": {
"date": "2026-01-22T12:09:32Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0214-1",
"initial_release_date": "2026-01-22T12:09:32Z",
"revision_history": [
{
"date": "2026-01-22T12:09:32Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"product_id": "dirmngr-2.2.27-150300.3.16.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.aarch64",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64",
"product_id": "gpg2-2.2.27-150300.3.16.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.i586",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.i586",
"product_id": "dirmngr-2.2.27-150300.3.16.1.i586"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.i586",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.i586",
"product_id": "gpg2-2.2.27-150300.3.16.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"product": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"product_id": "gpg2-lang-2.2.27-150300.3.16.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"product_id": "dirmngr-2.2.27-150300.3.16.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"product_id": "gpg2-2.2.27-150300.3.16.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.s390x",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.s390x",
"product_id": "dirmngr-2.2.27-150300.3.16.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.s390x",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x",
"product_id": "gpg2-2.2.27-150300.3.16.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"product": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"product_id": "dirmngr-2.2.27-150300.3.16.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.2.27-150300.3.16.1.x86_64",
"product": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64",
"product_id": "gpg2-2.2.27-150300.3.16.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-micro:5.5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.2",
"product": {
"name": "SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.3",
"product_id": "SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.4",
"product_id": "SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.5",
"product_id": "SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server 15 SP5-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP5-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "dirmngr-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.2.27-150300.3.16.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
},
"product_reference": "gpg2-lang-2.2.27-150300.3.16.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.aarch64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.s390x as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.2.27-150300.3.16.1.x86_64 as component of SUSE Linux Enterprise Micro 5.2",
"product_id": "SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64"
},
"product_reference": "gpg2-2.2.27-150300.3.16.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.2:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.3:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Micro 5.5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP4-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.aarch64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.s390x",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server 15 SP5-LTSS:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP4:gpg2-lang-2.2.27-150300.3.16.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:dirmngr-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-2.2.27-150300.3.16.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP5:gpg2-lang-2.2.27-150300.3.16.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T12:09:32Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
SUSE-SU-2026:0215-1
Vulnerability from csaf_suse - Published: 2026-01-22 12:10 - Updated: 2026-01-22 12:10
Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy) (bsc#1255715).
- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).
- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).
- Fix a memory leak in gpg2 agent (bsc#1256243).
- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).
Patchnames
SUSE-2026-215,SUSE-SLE-Module-Basesystem-15-SP7-2026-215,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-215,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-215,openSUSE-SLE-15.6-2026-215
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: Fix possible memory corruption in the armor parser (gpg.fail/memcpy)(bsc#1255715).\n- Avoid potential downgrade to SHA1 in 3rd party key signatures (gpg.fail/sha1) (bsc#1256246).\n- Error out on unverified output for non-detached signatures (gpg.fail/detached) (bsc#1256244).\n- Fix a memory leak in gpg2 agent (bsc#1256243).\n- Fix Cleartext Signature Forgery in the NotDashEscaped header implementation in GnuPG (gpg.fail/notdash) (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2026-215,SUSE-SLE-Module-Basesystem-15-SP7-2026-215,SUSE-SLE-Product-SLES-15-SP6-LTSS-2026-215,SUSE-SLE-Product-SLES_SAP-15-SP6-2026-215,openSUSE-SLE-15.6-2026-215",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_0215-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:0215-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20260215-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:0215-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023870.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256243",
"url": "https://bugzilla.suse.com/1256243"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-22T12:10:17Z",
"generator": {
"date": "2026-01-22T12:10:17Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:0215-1",
"initial_release_date": "2026-01-22T12:10:17Z",
"revision_history": [
{
"date": "2026-01-22T12:10:17Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"product_id": "dirmngr-2.4.4-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.aarch64",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64",
"product_id": "gpg2-2.4.4-150600.3.12.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.i586",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.i586",
"product_id": "dirmngr-2.4.4-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.i586",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.i586",
"product_id": "gpg2-2.4.4-150600.3.12.1.i586"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.i586",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.i586",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"product": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"product_id": "gpg2-lang-2.4.4-150600.3.12.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"product_id": "dirmngr-2.4.4-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"product_id": "gpg2-2.4.4-150600.3.12.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.s390x",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x",
"product_id": "dirmngr-2.4.4-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.s390x",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x",
"product_id": "gpg2-2.4.4-150600.3.12.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"product": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"product_id": "dirmngr-2.4.4-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.4.4-150600.3.12.1.x86_64",
"product": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64",
"product_id": "gpg2-2.4.4-150600.3.12.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64",
"product": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64",
"product_id": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp7"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp6"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP7",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of SUSE Linux Enterprise Server 15 SP6-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP6-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP6",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.4.4-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "dirmngr-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.4.4-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.4.4-150600.3.12.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch"
},
"product_reference": "gpg2-lang-2.4.4-150600.3.12.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
},
"product_reference": "gpg2-tpm-2.4.4-150600.3.12.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP7:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.aarch64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.s390x",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server 15 SP6-LTSS:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-2.4.4-150600.3.12.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:dirmngr-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-2.4.4-150600.3.12.1.x86_64",
"openSUSE Leap 15.6:gpg2-lang-2.4.4-150600.3.12.1.noarch",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.aarch64",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.ppc64le",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.s390x",
"openSUSE Leap 15.6:gpg2-tpm-2.4.4-150600.3.12.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-22T12:10:17Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
SUSE-SU-2026:20080-1
Vulnerability from csaf_suse - Published: 2026-01-14 10:23 - Updated: 2026-01-14 10:23
Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
Patchnames
SUSE-SLES-16.0-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).\n\nOther security fixes:\n\n- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).\n- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).\n- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLES-16.0-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_20080-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:20080-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202620080-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:20080-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2026-January/023818.html"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-14T10:23:37Z",
"generator": {
"date": "2026-01-14T10:23:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:20080-1",
"initial_release_date": "2026-01-14T10:23:37Z",
"revision_history": [
{
"date": "2026-01-14T10:23:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product_id": "dirmngr-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product_id": "gpg2-lang-2.5.5-160000.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product_id": "dirmngr-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product_id": "dirmngr-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product_id": "dirmngr-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:16:16.0:server-sap"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch"
},
"product_reference": "gpg2-lang-2.5.5-160000.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server 16.0",
"product_id": "SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch"
},
"product_reference": "gpg2-lang-2.5.5-160000.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64 as component of SUSE Linux Enterprise Server for SAP applications 16.0",
"product_id": "SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP applications 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"SUSE Linux Enterprise Server for SAP applications 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-14T10:23:37Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
CERTFR-2026-AVI-0112
Vulnerability from certfr_avis - Published: 2026-02-02 - Updated: 2026-02-02
De multiples vulnérabilités ont été découvertes dans les produits VMware. Elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|---|---|
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.1.7 |
| VMware | Tanzu Kubernetes Grid Integrated Edition | Tanzu Kubernetes Grid Integrated Edition (TKGi) - Mgmt Console versions antérieures à 1.24.0 |
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.2.7+LTS-T |
| VMware | N/A | NodeJS Buildpack versions antérieures à 1.8.74 |
| VMware | Tanzu Platform | Foundation Core pour VMware Tanzu Platform versions antérieures à 3.2.3 |
| VMware | Tanzu Platform | Telemetry pour VMware Tanzu Platform versions antérieures à 2.4.0 |
| VMware | N/A | Platform Automation Toolkit versions antérieures à 5.4.0 |
| VMware | N/A | VMware Harbor Registry versions antérieures à 2.14.0 |
| VMware | Tanzu Platform | Isolation Segmentation pour VMware Tanzu Platform versions antérieures à 10.3.4 |
References
| Title | Publication Time | Tags |
|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.1.7",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Tanzu Kubernetes Grid Integrated Edition (TKGi) - Mgmt Console versions ant\u00e9rieures \u00e0 1.24.0",
"product": {
"name": "Tanzu Kubernetes Grid Integrated Edition",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.2.7+LTS-T",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "NodeJS Buildpack versions ant\u00e9rieures \u00e0 1.8.74",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Foundation Core pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 3.2.3",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Telemetry pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 2.4.0",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Platform Automation Toolkit versions ant\u00e9rieures \u00e0 5.4.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware Harbor Registry versions ant\u00e9rieures \u00e0 2.14.0",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "Isolation Segmentation pour VMware Tanzu Platform versions ant\u00e9rieures \u00e0 10.3.4",
"product": {
"name": "Tanzu Platform",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-8715",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8715"
},
{
"name": "CVE-2025-53547",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53547"
},
{
"name": "CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"name": "CVE-2025-9231",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9231"
},
{
"name": "CVE-2025-68973",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68973"
},
{
"name": "CVE-2025-10148",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10148"
},
{
"name": "CVE-2025-14087",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14087"
},
{
"name": "CVE-2025-22872",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22872"
},
{
"name": "CVE-2025-28164",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28164"
},
{
"name": "CVE-2025-0913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0913"
},
{
"name": "CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"name": "CVE-2026-24882",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24882"
},
{
"name": "CVE-2023-45288",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45288"
},
{
"name": "CVE-2025-6075",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6075"
},
{
"name": "CVE-2025-22228",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22228"
},
{
"name": "CVE-2025-58185",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58185"
},
{
"name": "CVE-2025-55752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55752"
},
{
"name": "CVE-2025-58767",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58767"
},
{
"name": "CVE-2024-38819",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38819"
},
{
"name": "CVE-2025-55198",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55198"
},
{
"name": "CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"name": "CVE-2026-1485",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1485"
},
{
"name": "CVE-2022-49390",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-49390"
},
{
"name": "CVE-2025-48060",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48060"
},
{
"name": "CVE-2025-21855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21855"
},
{
"name": "CVE-2024-21510",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21510"
},
{
"name": "CVE-2025-14512",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14512"
},
{
"name": "CVE-2025-8291",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8291"
},
{
"name": "CVE-2025-61921",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61921"
},
{
"name": "CVE-2023-34231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34231"
},
{
"name": "CVE-2025-61727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61727"
},
{
"name": "CVE-2025-64718",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64718"
},
{
"name": "CVE-2024-28180",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28180"
},
{
"name": "CVE-2025-65637",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
},
{
"name": "CVE-2025-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22233"
},
{
"name": "CVE-2025-47910",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47910"
},
{
"name": "CVE-2024-38820",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38820"
},
{
"name": "CVE-2025-10966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10966"
},
{
"name": "CVE-2025-47906",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47906"
},
{
"name": "CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"name": "CVE-2025-64505",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64505"
},
{
"name": "CVE-2025-58188",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58188"
},
{
"name": "CVE-2025-4674",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4674"
},
{
"name": "CVE-2022-29526",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29526"
},
{
"name": "CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"name": "CVE-2025-28162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-28162"
},
{
"name": "CVE-2025-55754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55754"
},
{
"name": "CVE-2025-64506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64506"
},
{
"name": "CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"name": "CVE-2025-22868",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22868"
},
{
"name": "CVE-2025-3360",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-3360"
},
{
"name": "CVE-2025-64720",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64720"
},
{
"name": "CVE-2025-61724",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61724"
},
{
"name": "CVE-2025-61723",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61723"
},
{
"name": "CVE-2025-9232",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9232"
},
{
"name": "CVE-2025-61795",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61795"
},
{
"name": "CVE-2025-14762",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-14762"
},
{
"name": "CVE-2025-8713",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8713"
},
{
"name": "CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"name": "CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"name": "CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"name": "CVE-2024-53427",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53427"
},
{
"name": "CVE-2025-61725",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61725"
},
{
"name": "CVE-2025-65018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65018"
},
{
"name": "CVE-2025-7039",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7039"
},
{
"name": "CVE-2025-12818",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12818"
},
{
"name": "CVE-2025-48989",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48989"
},
{
"name": "CVE-2026-24842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24842"
},
{
"name": "CVE-2025-22874",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22874"
},
{
"name": "CVE-2025-55199",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-55199"
},
{
"name": "CVE-2025-61594",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61594"
},
{
"name": "CVE-2025-47912",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47912"
},
{
"name": "CVE-2025-11414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11414"
},
{
"name": "CVE-2025-54410",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54410"
},
{
"name": "CVE-2025-52565",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
},
{
"name": "CVE-2026-24883",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24883"
},
{
"name": "CVE-2025-39964",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39964"
},
{
"name": "CVE-2025-39993",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39993"
},
{
"name": "CVE-2025-58186",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58186"
},
{
"name": "CVE-2025-8714",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8714"
},
{
"name": "CVE-2025-9086",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9086"
},
{
"name": "CVE-2025-58187",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58187"
},
{
"name": "CVE-2025-13601",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-13601"
},
{
"name": "CVE-2025-12817",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12817"
},
{
"name": "CVE-2025-4673",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-4673"
},
{
"name": "CVE-2025-22871",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22871"
},
{
"name": "CVE-2024-38828",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38828"
},
{
"name": "CVE-2025-6966",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6966"
},
{
"name": "CVE-2025-58181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58181"
},
{
"name": "CVE-2025-8959",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8959"
},
{
"name": "CVE-2025-47914",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47914"
},
{
"name": "CVE-2025-40018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40018"
},
{
"name": "CVE-2024-53218",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53218"
},
{
"name": "CVE-2025-67499",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-67499"
},
{
"name": "CVE-2025-58058",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58058"
},
{
"name": "CVE-2025-22869",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22869"
},
{
"name": "CVE-2025-58189",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58189"
},
{
"name": "CVE-2025-22870",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22870"
},
{
"name": "CVE-2025-11413",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11413"
},
{
"name": "CVE-2024-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23337"
},
{
"name": "CVE-2025-61748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61748"
},
{
"name": "CVE-2025-22235",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22235"
},
{
"name": "CVE-2025-9230",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9230"
},
{
"name": "CVE-2025-7339",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7339"
},
{
"name": "CVE-2024-53090",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-53090"
},
{
"name": "CVE-2025-8916",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8916"
},
{
"name": "CVE-2025-23419",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23419"
},
{
"name": "CVE-2025-8885",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-8885"
},
{
"name": "CVE-2025-41249",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41249"
},
{
"name": "CVE-2025-11412",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11412"
},
{
"name": "CVE-2026-1484",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1484"
},
{
"name": "CVE-2025-7424",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-7424"
},
{
"name": "CVE-2024-50067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50067"
},
{
"name": "CVE-2024-47220",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47220"
},
{
"name": "CVE-2025-54388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54388"
},
{
"name": "CVE-2026-1489",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1489"
},
{
"name": "CVE-2026-24881",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24881"
},
{
"name": "CVE-2025-41242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-41242"
},
{
"name": "CVE-2024-38816",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-38816"
},
{
"name": "CVE-2025-53057",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53057"
},
{
"name": "CVE-2025-6442",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6442"
},
{
"name": "CVE-2025-53066",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-53066"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"name": "CVE-2025-11494",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-11494"
},
{
"name": "CVE-2024-47691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47691"
},
{
"name": "CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
}
],
"initial_release_date": "2026-02-02T00:00:00",
"last_revision_date": "2026-02-02T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0112",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-02-02T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits VMware. Elles permettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36902",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36902"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36908",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36908"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36897",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36897"
},
{
"published_at": "2026-02-01",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36912",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36912"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36904",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36904"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36900",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36900"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36903",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36903"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36909",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36909"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36899",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36899"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36906",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36906"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36907",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36907"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36901",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36901"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36905",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36905"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36898",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36898"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36910",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36910"
},
{
"published_at": "2026-02-02",
"title": "Bulletin de s\u00e9curit\u00e9 VMware 36911",
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36911"
}
]
}
FKIE_CVE-2025-68973
Vulnerability from fkie_nvd - Published: 2025-12-28 17:16 - Updated: 2026-01-14 19:16
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
References
| Source | URL | Tags |
|---|---|---|
| cve@mitre.org | https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306 | Product |
| cve@mitre.org | https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9 | Patch |
| cve@mitre.org | https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51 | Patch |
| cve@mitre.org | https://gpg.fail/memcpy | Broken Link |
| cve@mitre.org | https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i | Issue Tracking |
| cve@mitre.org | https://news.ycombinator.com/item?id=46403200 | Issue Tracking |
| cve@mitre.org | https://www.openwall.com/lists/oss-security/2025/12/28/5 | Mailing List |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.openwall.com/lists/oss-security/2025/12/29/11 | Mailing List, Patch |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html | |
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | https://gpg.fail/memcpy | Broken Link |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:gnupg:gnupg:*:*:*:*:-:*:*:*",
"matchCriteriaId": "8D4239B3-0B8A-4E14-9E33-DD52A3F8FF25",
"versionEndIncluding": "2.4.8",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)"
}
],
"id": "CVE-2025-68973",
"lastModified": "2026-01-14T19:16:46.857",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.4,
"impactScore": 5.8,
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2025-12-28T17:16:01.500",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Product"
],
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "https://gpg.fail/memcpy"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i"
},
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking"
],
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"source": "cve@mitre.org",
"tags": [
"Mailing List"
],
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Patch"
],
"url": "http://www.openwall.com/lists/oss-security/2025/12/29/11"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
},
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"tags": [
"Broken Link"
],
"url": "https://gpg.fail/memcpy"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-675"
}
],
"source": "cve@mitre.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
MSRC_CVE-2025-68973
Vulnerability from csaf_microsoft - Published: 2025-12-02 00:00 - Updated: 2026-01-06 14:36
Summary
In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)
Notes
Additional Resources
To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer
The information provided in the Microsoft Knowledge Base is provided "as is" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.) - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-68973.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"tracking": {
"current_release_date": "2026-01-06T14:36:10.000Z",
"generator": {
"date": "2026-01-06T20:17:42.360Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2025-68973",
"initial_release_date": "2025-12-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-12-30T01:01:21.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-01-03T01:02:22.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-01-06T14:36:10.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
},
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 gnupg2 2.4.7-1",
"product": {
"name": "\u003cazl3 gnupg2 2.4.7-1",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "azl3 gnupg2 2.4.7-1",
"product": {
"name": "azl3 gnupg2 2.4.7-1",
"product_id": "20333"
}
},
{
"category": "product_version_range",
"name": "cbl2 gnupg2 2.4.0-2",
"product": {
"name": "cbl2 gnupg2 2.4.0-2",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "gnupg2"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 gnupg2 2.4.7-1 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 gnupg2 2.4.7-1 as a component of Azure Linux 3.0",
"product_id": "20333-17084"
},
"product_reference": "20333",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 gnupg2 2.4.0-2 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"cwe": {
"id": "CWE-675",
"name": "Multiple Operations on Resource in Single-Operation Context"
},
"notes": [
{
"category": "general",
"text": "mitre",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20333-17084"
],
"known_affected": [
"17084-1",
"17086-2"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2025-68973 In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.) - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2025-68973.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2025-12-30T01:01:21.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17086-2"
]
},
{
"category": "vendor_fix",
"date": "2025-12-30T01:01:21.000Z",
"details": "2.4.9-1:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 7.8,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"17084-1",
"17086-2"
]
}
],
"title": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)"
}
]
}
OPENSUSE-SU-2026:20029-1
Vulnerability from csaf_opensuse - Published: 2026-01-14 10:23 - Updated: 2026-01-14 10:23
Summary
Security update for gpg2
Notes
Title of the patch
Security update for gpg2
Description of the patch
This update for gpg2 fixes the following issues:
- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).
Other security fixes:
- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).
- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).
- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).
Patchnames
openSUSE-Leap-16.0-138
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for gpg2",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for gpg2 fixes the following issues:\n\n- CVE-2025-68973: out-of-bounds write when processing specially crafted input in the armor parser can lead to memory corruption (bsc#1255715).\n\nOther security fixes:\n\n- gpg: Avoid potential downgrade to SHA1 in 3rd party key signatures (bsc#1256246).\n- gpg: Error out on unverified output for non-detached signatures (bsc#1256244).\n- gpg: Deprecate the option --not-dash-escaped (bsc#1256390).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Leap-16.0-138",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_20029-1.json"
},
{
"category": "self",
"summary": "SUSE Bug 1255715",
"url": "https://bugzilla.suse.com/1255715"
},
{
"category": "self",
"summary": "SUSE Bug 1256244",
"url": "https://bugzilla.suse.com/1256244"
},
{
"category": "self",
"summary": "SUSE Bug 1256246",
"url": "https://bugzilla.suse.com/1256246"
},
{
"category": "self",
"summary": "SUSE Bug 1256390",
"url": "https://bugzilla.suse.com/1256390"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "Security update for gpg2",
"tracking": {
"current_release_date": "2026-01-14T10:23:16Z",
"generator": {
"date": "2026-01-14T10:23:16Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:20029-1",
"initial_release_date": "2026-01-14T10:23:16Z",
"revision_history": [
{
"date": "2026-01-14T10:23:16Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64",
"product_id": "dirmngr-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-2.5.5-160000.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch",
"product_id": "gpg2-lang-2.5.5-160000.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le",
"product_id": "dirmngr-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-2.5.5-160000.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.s390x",
"product_id": "dirmngr-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-2.5.5-160000.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64",
"product_id": "dirmngr-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-2.5.5-160000.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"product_id": "gpg2-tpm-2.5.5-160000.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 16.0",
"product": {
"name": "openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0"
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.5-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64"
},
"product_reference": "dirmngr-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.5-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.5-160000.3.1.noarch as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch"
},
"product_reference": "gpg2-lang-2.5.5-160000.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.aarch64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.ppc64le as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.s390x as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 16.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.5-160000.3.1.x86_64 as component of openSUSE Leap 16.0",
"product_id": "openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.5-160000.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 16.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:dirmngr-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-2.5.5-160000.3.1.x86_64",
"openSUSE Leap 16.0:gpg2-lang-2.5.5-160000.3.1.noarch",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.aarch64",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.ppc64le",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.s390x",
"openSUSE Leap 16.0:gpg2-tpm-2.5.5-160000.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-14T10:23:16Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
OPENSUSE-SU-2026:10001-1
Vulnerability from csaf_opensuse - Published: 2026-01-01 00:00 - Updated: 2026-01-01 00:00
Summary
dirmngr-2.5.16-1.1 on GA media
Notes
Title of the patch
dirmngr-2.5.16-1.1 on GA media
Description of the patch
These are all security issues fixed in the dirmngr-2.5.16-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2026-10001
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "dirmngr-2.5.16-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the dirmngr-2.5.16-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2026-10001",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2026_10001-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68973 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68973/"
}
],
"title": "dirmngr-2.5.16-1.1 on GA media",
"tracking": {
"current_release_date": "2026-01-01T00:00:00Z",
"generator": {
"date": "2026-01-01T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2026:10001-1",
"initial_release_date": "2026-01-01T00:00:00Z",
"revision_history": [
{
"date": "2026-01-01T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.aarch64",
"product": {
"name": "dirmngr-2.5.16-1.1.aarch64",
"product_id": "dirmngr-2.5.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.aarch64",
"product": {
"name": "gpg2-2.5.16-1.1.aarch64",
"product_id": "gpg2-2.5.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.aarch64",
"product": {
"name": "gpg2-lang-2.5.16-1.1.aarch64",
"product_id": "gpg2-lang-2.5.16-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.aarch64",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.aarch64",
"product_id": "gpg2-tpm-2.5.16-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.ppc64le",
"product": {
"name": "dirmngr-2.5.16-1.1.ppc64le",
"product_id": "dirmngr-2.5.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.ppc64le",
"product": {
"name": "gpg2-2.5.16-1.1.ppc64le",
"product_id": "gpg2-2.5.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.ppc64le",
"product": {
"name": "gpg2-lang-2.5.16-1.1.ppc64le",
"product_id": "gpg2-lang-2.5.16-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.ppc64le",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.ppc64le",
"product_id": "gpg2-tpm-2.5.16-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.s390x",
"product": {
"name": "dirmngr-2.5.16-1.1.s390x",
"product_id": "dirmngr-2.5.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.s390x",
"product": {
"name": "gpg2-2.5.16-1.1.s390x",
"product_id": "gpg2-2.5.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.s390x",
"product": {
"name": "gpg2-lang-2.5.16-1.1.s390x",
"product_id": "gpg2-lang-2.5.16-1.1.s390x"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.s390x",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.s390x",
"product_id": "gpg2-tpm-2.5.16-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "dirmngr-2.5.16-1.1.x86_64",
"product": {
"name": "dirmngr-2.5.16-1.1.x86_64",
"product_id": "dirmngr-2.5.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-2.5.16-1.1.x86_64",
"product": {
"name": "gpg2-2.5.16-1.1.x86_64",
"product_id": "gpg2-2.5.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-lang-2.5.16-1.1.x86_64",
"product": {
"name": "gpg2-lang-2.5.16-1.1.x86_64",
"product_id": "gpg2-lang-2.5.16-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "gpg2-tpm-2.5.16-1.1.x86_64",
"product": {
"name": "gpg2-tpm-2.5.16-1.1.x86_64",
"product_id": "gpg2-tpm-2.5.16-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64"
},
"product_reference": "dirmngr-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le"
},
"product_reference": "dirmngr-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x"
},
"product_reference": "dirmngr-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "dirmngr-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64"
},
"product_reference": "dirmngr-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64"
},
"product_reference": "gpg2-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le"
},
"product_reference": "gpg2-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x"
},
"product_reference": "gpg2-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64"
},
"product_reference": "gpg2-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64"
},
"product_reference": "gpg2-lang-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le"
},
"product_reference": "gpg2-lang-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x"
},
"product_reference": "gpg2-lang-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-lang-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64"
},
"product_reference": "gpg2-lang-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "gpg2-tpm-2.5.16-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
},
"product_reference": "gpg2-tpm-2.5.16-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-68973",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68973"
}
],
"notes": [
{
"category": "general",
"text": "In GnuPG before 2.4.9, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. (For ExtendedLTS, 2.2.51 and later are fixed versions.)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68973",
"url": "https://www.suse.com/security/cve/CVE-2025-68973"
},
{
"category": "external",
"summary": "SUSE Bug 1255715 for CVE-2025-68973",
"url": "https://bugzilla.suse.com/1255715"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:dirmngr-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-lang-2.5.16-1.1.x86_64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.aarch64",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.ppc64le",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.s390x",
"openSUSE Tumbleweed:gpg2-tpm-2.5.16-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-01-01T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2025-68973"
}
]
}
GHSA-PJ23-86WW-F72P
Vulnerability from github – Published: 2025-12-28 18:30 – Updated: 2026-01-14 21:34
Details
In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input.
Severity
7.8 (High)
{
"affected": [],
"aliases": [
"CVE-2025-68973"
],
"database_specific": {
"cwe_ids": [
"CWE-675",
"CWE-787"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-12-28T17:16:01Z",
"severity": "HIGH"
},
"details": "In GnuPG through 2.4.8, armor_filter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input.",
"id": "GHSA-pj23-86ww-f72p",
"modified": "2026-01-14T21:34:04Z",
"published": "2025-12-28T18:30:26Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68973"
},
{
"type": "WEB",
"url": "https://github.com/gpg/gnupg/commit/115d138ba599328005c5321c0ef9f00355838ca9"
},
{
"type": "WEB",
"url": "https://github.com/gpg/gnupg/blob/ff30683418695f5d2cc9e6cf8c9418e09378ebe4/g10/armor.c#L1305-L1306"
},
{
"type": "WEB",
"url": "https://github.com/gpg/gnupg/compare/gnupg-2.2.50...gnupg-2.2.51"
},
{
"type": "WEB",
"url": "https://gpg.fail/memcpy"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2026/01/msg00008.html"
},
{
"type": "WEB",
"url": "https://media.ccc.de/v/39c3-to-sign-or-not-to-sign-practical-vulnerabilities-i"
},
{
"type": "WEB",
"url": "https://news.ycombinator.com/item?id=46403200"
},
{
"type": "WEB",
"url": "https://www.openwall.com/lists/oss-security/2025/12/28/5"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2025/12/29/11"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"type": "CVSS_V3"
}
]
}
Sightings
| Author | Source | Type | Date |
|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.