Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-59830 (GCVE-0-2025-59830)
Vulnerability from cvelistv5 – Published: 2025-09-25 14:37 – Updated: 2025-09-25 16:16
VLAI
EPSS
Title
Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters
Summary
Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its params_limit only for parameters separated by &, while still splitting on both & and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters than intended. Applications or middleware that directly invoke Rack::QueryParser with its default configuration (no explicit delimiter) could be exposed to increased CPU and memory consumption. This can be abused as a limited denial-of-service vector. This issue has been patched in version 2.2.18.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/rack/rack/security/advisories/… | x_refsource_CONFIRM |
| https://github.com/rack/rack/commit/54e4ffdd5affe… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-59830",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-25T16:14:17.653996Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T16:16:15.255Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "rack",
"vendor": "rack",
"versions": [
{
"status": "affected",
"version": "\u003c 2.2.18"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its params_limit only for parameters separated by \u0026, while still splitting on both \u0026 and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters than intended. Applications or middleware that directly invoke Rack::QueryParser with its default configuration (no explicit delimiter) could be exposed to increased CPU and memory consumption. This can be abused as a limited denial-of-service vector. This issue has been patched in version 2.2.18."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770: Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-25T14:37:06.967Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
},
{
"name": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
}
],
"source": {
"advisory": "GHSA-625h-95r8-8xpm",
"discovery": "UNKNOWN"
},
"title": "Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-59830",
"datePublished": "2025-09-25T14:37:06.967Z",
"dateReserved": "2025-09-22T14:34:03.471Z",
"dateUpdated": "2025-09-25T16:16:15.255Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-59830",
"date": "2026-06-06",
"epss": "0.0014",
"percentile": "0.33866"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-59830\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-09-25T15:16:13.780\",\"lastModified\":\"2025-10-10T16:43:14.337\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its params_limit only for parameters separated by \u0026, while still splitting on both \u0026 and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters than intended. Applications or middleware that directly invoke Rack::QueryParser with its default configuration (no explicit delimiter) could be exposed to increased CPU and memory consumption. This can be abused as a limited denial-of-service vector. This issue has been patched in version 2.2.18.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"},{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rack:rack:*:*:*:*:*:ruby:*:*\",\"versionEndExcluding\":\"2.2.18\",\"matchCriteriaId\":\"737F4C76-9502-4F37-AB65-0124F1CD72BF\"}]}]}],\"references\":[{\"url\":\"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mitigation\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-59830\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-09-25T16:14:17.653996Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-09-25T16:16:11.658Z\"}}], \"cna\": {\"title\": \"Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters\", \"source\": {\"advisory\": \"GHSA-625h-95r8-8xpm\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"rack\", \"product\": \"rack\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 2.2.18\"}]}], \"references\": [{\"url\": \"https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm\", \"name\": \"https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\", \"name\": \"https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Rack is a modular Ruby web server interface. Prior to version 2.2.18, Rack::QueryParser enforces its params_limit only for parameters separated by \u0026, while still splitting on both \u0026 and ;. As a result, attackers could use ; separators to bypass the parameter count limit and submit more parameters than intended. Applications or middleware that directly invoke Rack::QueryParser with its default configuration (no explicit delimiter) could be exposed to increased CPU and memory consumption. This can be abused as a limited denial-of-service vector. This issue has been patched in version 2.2.18.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}, {\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"CWE-770: Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-09-25T14:37:06.967Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-59830\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-25T16:16:15.255Z\", \"dateReserved\": \"2025-09-22T14:34:03.471Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-09-25T14:37:06.967Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
RHSA-2025:19832
Vulnerability from csaf_redhat - Published: 2025-11-05 23:49 - Updated: 2026-04-08 07:55Summary
Red Hat Security Advisory: Satellite 6.17.6 Async Update
Severity
Important
Notes
Topic: A new release is now available for Red Hat Satellite 6.17 for RHEL 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)
* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* foreman: OS command injection via ct_location and fcct_location parameters (CVE-2025-10622)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.
8.0 (High)
Affected products
Fixed
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
43 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
87 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
References
33 references
Acknowledgments
stmcyber.pl
Michał Bartoszuk
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new release is now available for Red Hat Satellite 6.17 for RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)\n\n* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)\n\n* foreman: OS command injection via ct_location and fcct_location parameters (CVE-2025-10622)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19832",
"url": "https://access.redhat.com/errata/RHSA-2025:19832"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"url": "https://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index"
},
{
"category": "external",
"summary": "2396020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
},
{
"category": "external",
"summary": "2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "SAT-39213",
"url": "https://issues.redhat.com/browse/SAT-39213"
},
{
"category": "external",
"summary": "SAT-39215",
"url": "https://issues.redhat.com/browse/SAT-39215"
},
{
"category": "external",
"summary": "SAT-39216",
"url": "https://issues.redhat.com/browse/SAT-39216"
},
{
"category": "external",
"summary": "SAT-39217",
"url": "https://issues.redhat.com/browse/SAT-39217"
},
{
"category": "external",
"summary": "SAT-39218",
"url": "https://issues.redhat.com/browse/SAT-39218"
},
{
"category": "external",
"summary": "SAT-39219",
"url": "https://issues.redhat.com/browse/SAT-39219"
},
{
"category": "external",
"summary": "SAT-39232",
"url": "https://issues.redhat.com/browse/SAT-39232"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19832.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.17.6 Async Update",
"tracking": {
"current_release_date": "2026-04-08T07:55:27+00:00",
"generator": {
"date": "2026-04-08T07:55:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2025:19832",
"initial_release_date": "2025-11-05T23:49:21+00:00",
"revision_history": [
{
"date": "2025-11-05T23:49:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-05T23:49:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T07:55:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.17::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-maintenance",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_maintenance:6.17::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "candlepin-0:4.4.23-1.el9sat.src",
"product": {
"name": "candlepin-0:4.4.23-1.el9sat.src",
"product_id": "candlepin-0:4.4.23-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.23-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.14.0.10-1.el9sat.src",
"product": {
"name": "foreman-0:3.14.0.10-1.el9sat.src",
"product_id": "foreman-0:3.14.0.10-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.14.0.10-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"product": {
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"product_id": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-bootloaders-redhat@202506020000-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"product": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"product_id": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.10.4-1.el9sat?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.16.0.10-1.el9sat.src",
"product": {
"name": "rubygem-katello-0:4.16.0.10-1.el9sat.src",
"product_id": "rubygem-katello-0:4.16.0.10-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.16.0.10-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el9sat.src",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.src",
"product_id": "rubygem-rack-0:2.2.20-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"product": {
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"product_id": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_openscap@0.12.1-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.17.6-1.el9sat.src",
"product": {
"name": "satellite-0:6.17.6-1.el9sat.src",
"product_id": "satellite-0:6.17.6-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.17.6-1.el9sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "candlepin-0:4.4.23-1.el9sat.noarch",
"product": {
"name": "candlepin-0:4.4.23-1.el9sat.noarch",
"product_id": "candlepin-0:4.4.23-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin@4.4.23-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"product": {
"name": "candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"product_id": "candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/candlepin-selinux@4.4.23-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-service-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-service-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"product": {
"name": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"product_id": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.14.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"product": {
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"product_id": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-bootloaders-redhat@202506020000-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"product": {
"name": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"product_id": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-bootloaders-redhat-tftpboot@202506020000-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"product": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"product_id": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-foreman_maintain@1.10.4-1.el9sat?arch=noarch\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"product": {
"name": "rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"product_id": "rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-katello@4.16.0.10-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"product_id": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"product": {
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"product_id": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-smart_proxy_openscap@0.12.1-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.17.6-1.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.17.6-1.el9sat.noarch",
"product_id": "satellite-capsule-0:6.17.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.17.6-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.17.6-1.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.17.6-1.el9sat.noarch",
"product_id": "satellite-common-0:6.17.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.17.6-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"product": {
"name": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"product_id": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-obsolete-packages@6.17.6-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.17.6-1.el9sat.noarch",
"product": {
"name": "satellite-0:6.17.6-1.el9sat.noarch",
"product_id": "satellite-0:6.17.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.17.6-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.17.6-1.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.17.6-1.el9sat.noarch",
"product_id": "satellite-cli-0:6.17.6-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.17.6-1.el9sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.10-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src"
},
"product_reference": "foreman-0:3.14.0.10-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch"
},
"product_reference": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src"
},
"product_reference": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch"
},
"product_reference": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch"
},
"product_reference": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src"
},
"product_reference": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.6-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src"
},
"product_reference": "satellite-0:6.17.6-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-maintenance"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.10-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src"
},
"product_reference": "foreman-0:3.14.0.10-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.6-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src"
},
"product_reference": "satellite-0:6.17.6-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.23-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch"
},
"product_reference": "candlepin-0:4.4.23-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-0:4.4.23-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src"
},
"product_reference": "candlepin-0:4.4.23-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "candlepin-selinux-0:4.4.23-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch"
},
"product_reference": "candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.14.0.10-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src"
},
"product_reference": "foreman-0:3.14.0.10-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch"
},
"product_reference": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src"
},
"product_reference": "foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch"
},
"product_reference": "foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch"
},
"product_reference": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src"
},
"product_reference": "rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.16.0.10-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch"
},
"product_reference": "rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-katello-0:4.16.0.10-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src"
},
"product_reference": "rubygem-katello-0:4.16.0.10-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch"
},
"product_reference": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src"
},
"product_reference": "rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.17.6-1.el9sat.src as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src"
},
"product_reference": "satellite-0:6.17.6-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch as a component of Red Hat Satellite 6.17 for RHEL 9",
"product_id": "9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
},
"product_reference": "satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.17"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Micha\u0142 Bartoszuk"
],
"organization": "stmcyber.pl"
}
],
"cve": "CVE-2025-10622",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-09-17T09:07:39.743000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: OS command injection via ct_location and fcct_location parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat Satellite due to an OS command injection flaw in the Foreman component. An authenticated user with `edit_settings` permissions can bypass client-side whitelisting for `ct_location` and `fcct_location` parameters, leading to arbitrary command execution on the underlying operating system. This affects Red Hat Satellite versions 6.15, 6.16, 6.17, and 6.18.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-10622"
},
{
"category": "external",
"summary": "RHBZ#2396020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-10622",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10622"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-10622",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10622"
},
{
"category": "external",
"summary": "https://theforeman.org/security.html#2025-10622",
"url": "https://theforeman.org/security.html#2025-10622"
}
],
"release_date": "2025-11-01T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-05T23:49:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19832"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "foreman: OS command injection via ct_location and fcct_location parameters"
},
{
"cve": "CVE-2025-59830",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-25T15:01:07.627558+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2398167"
}
],
"notes": [
{
"category": "description",
"text": "An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (\u0026). The parser counts only \u0026 when enforcing the limit, while still splitting on both \u0026 and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The overall severity of this flaw is Moderate, because most Rack applications are not directly impacted. The vulnerability primarily affects applications or middleware that invoke Rack::QueryParser directly using its default configuration, which accepts both \u0026 and ; as parameter delimiters. This behavior can lead to excessive CPU or memory consumption, resulting only a limited denial-of-service condition.\n\nFor typical applications using Rack::Request, the default request-handling flow applies safe parsing logic and does not exhibit the vulnerable behavior.\n\nIn summary, while the theoretical severity is High, the practical impact is generally Moderate to Low for standard configurations.\n\n```\nAffectedness:\n\nIt should be noted that starting from Rack v3.x, the framework no longer splits query parameters on semicolons. This change was introduced in commit ef1fc0c44e6a4b77c8fcf9b4f3bfa09f04ae8482, effectively mitigating this issue in newer releases.\n\nRack 1.x is also not affected by this vulnerability. The vulnerable parsing logic was introduced in Rack 2.x; earlier versions use a simpler query parsing mechanism that does not expose the same resource exhaustion risk.\n```\n\n~~~\nAdditionally, Ruby 2.x and 3.x versions shipped with Red Hat Enterprise Linux are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59830"
},
{
"category": "external",
"summary": "RHBZ#2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
}
],
"release_date": "2025-09-25T14:37:06.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-05T23:49:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19832"
},
{
"category": "workaround",
"details": "No action is required for typical Rack applications that use the framework\u2019s default request-handling mechanisms, as these are not impacted.\n\nFor custom implementations or middleware that directly invoke Rack::QueryParser, administrators should:\n\nUse explicit delimiters: Configure QueryParser to use a specific delimiter (e.g. \u0026) rather than accepting both \u0026 and ;.\n\nLimit request size and parameters: Enforce request size and parameter count limits at upstream layers (such as a web server, reverse proxy, or WAF) to prevent excessive resource consumption.\n\nPrefer safe APIs: Use Rack::Request or other higher-level request parsing APIs, which apply safe defaults and avoid this vulnerability.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
},
{
"cve": "CVE-2025-61919",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-10T20:01:19.001907+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403180"
}
],
"notes": [
{
"category": "description",
"text": "A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "~~~\n\nAffectedness:\n\nRack 1.x, including 1.6.x, is not affected by this vulnerability. The issue exists only in Rack 2.x and 3.x, where request parsing was refactored into the QueryParser component. Since Rack 1.x does not include this component, it does not contain the vulnerable logic.\n\nRuby 2.x and 3.x versions shipped with Red Hat Enterprise Linux, Red Hat Openshift Core OS (RHOCS) and Red Hat In-Vehicle OS (RHIVOS) are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"known_not_affected": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61919"
},
{
"category": "external",
"summary": "RHBZ#2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881",
"url": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db",
"url": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f",
"url": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm"
}
],
"release_date": "2025-10-10T19:22:42.454000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-05T23:49:21+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor detailed instructions how to apply this update, refer to:\n\nhttps://docs.redhat.com/en/documentation/red_hat_satellite/6.17/html/updating_red_hat_satellite/index",
"product_ids": [
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19832"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability beyond these configuration-based workarounds.",
"product_ids": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17-capsule:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-capsule:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-capsule:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17-maintenance:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17-utils:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17-utils:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17-utils:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:candlepin-0:4.4.23-1.el9sat.src",
"9Base-satellite-6.17:candlepin-selinux-0:4.4.23-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-0:3.14.0.10-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-bootloaders-redhat-0:202506020000-1.el9sat.src",
"9Base-satellite-6.17:foreman-bootloaders-redhat-tftpboot-0:202506020000-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-cli-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-debug-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-dynflow-sidekiq-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ec2-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-journald-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-libvirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-openstack-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-ovirt-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-pcp-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-postgresql-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-redis-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-service-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-telemetry-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:foreman-vmware-0:3.14.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-foreman_maintain-1:1.10.4-1.el9sat.src",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-katello-0:4.16.0.10-1.el9sat.src",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.noarch",
"9Base-satellite-6.17:rubygem-smart_proxy_openscap-0:0.12.1-1.el9sat.src",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-0:6.17.6-1.el9sat.src",
"9Base-satellite-6.17:satellite-capsule-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-cli-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-common-0:6.17.6-1.el9sat.noarch",
"9Base-satellite-6.17:satellite-obsolete-packages-0:6.17.6-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion"
}
]
}
RHSA-2025:19855
Vulnerability from csaf_redhat - Published: 2025-11-06 02:27 - Updated: 2026-04-08 07:55Summary
Red Hat Security Advisory: Satellite 6.16.5.5 Async Update
Severity
Important
Notes
Topic: An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* Host registration shows no errors even when built submission fails at the end of Global Registration process
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)
* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* foreman: OS command injection via ct_location and fcct_location parameters (CVE-2025-10622)
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.
8.0 (High)
Affected products
Fixed
96 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
38 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
126 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
|
| Unresolved product id: 9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch | — |
Workaround
|
Threats
Impact
Important
References
26 references
Acknowledgments
stmcyber.pl
Michał Bartoszuk
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.16 for RHEL 8 and RHEL 9.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* Host registration shows no errors even when built submission fails at the end of Global Registration process\n\n* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)\n\n* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)\n\n* foreman: OS command injection via ct_location and fcct_location parameters (CVE-2025-10622)\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19855",
"url": "https://access.redhat.com/errata/RHSA-2025:19855"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2396020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
},
{
"category": "external",
"summary": "2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "SAT-39698",
"url": "https://issues.redhat.com/browse/SAT-39698"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19855.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.16.5.5 Async Update",
"tracking": {
"current_release_date": "2026-04-08T07:55:27+00:00",
"generator": {
"date": "2026-04-08T07:55:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2025:19855",
"initial_release_date": "2025-11-06T02:27:26+00:00",
"revision_history": [
{
"date": "2025-11-06T02:27:26+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-06T02:27:26+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T07:55:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.16::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.16::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product": {
"name": "Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.12.0.11-1.el8sat.src",
"product": {
"name": "foreman-0:3.12.0.11-1.el8sat.src",
"product_id": "foreman-0:3.12.0.11-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.11-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el8sat.src",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.src",
"product_id": "rubygem-rack-0:2.2.20-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.5.5-1.el8sat.src",
"product": {
"name": "satellite-0:6.16.5.5-1.el8sat.src",
"product_id": "satellite-0:6.16.5.5-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.5.5-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.11-1.el9sat.src",
"product": {
"name": "foreman-0:3.12.0.11-1.el9sat.src",
"product_id": "foreman-0:3.12.0.11-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.11-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el9sat.src",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.src",
"product_id": "rubygem-rack-0:2.2.20-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el9sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.5.5-1.el9sat.src",
"product": {
"name": "satellite-0:6.16.5.5-1.el9sat.src",
"product_id": "satellite-0:6.16.5.5-1.el9sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.5.5-1.el9sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-service-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.12.0.11-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"product_id": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.16.5.5-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.16.5.5-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.16.5.5-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.16.5.5-1.el8sat.noarch",
"product_id": "satellite-common-0:6.16.5.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.16.5.5-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.5.5-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.16.5.5-1.el8sat.noarch",
"product_id": "satellite-0:6.16.5.5-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.5.5-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-service-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-service-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"product": {
"name": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"product_id": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.12.0.11-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"product_id": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"product": {
"name": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"product_id": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.16.5.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.16.5.5-1.el9sat.noarch",
"product": {
"name": "satellite-common-0:6.16.5.5-1.el9sat.noarch",
"product_id": "satellite-common-0:6.16.5.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.16.5.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.16.5.5-1.el9sat.noarch",
"product": {
"name": "satellite-0:6.16.5.5-1.el9sat.noarch",
"product_id": "satellite-0:6.16.5.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.16.5.5-1.el9sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"product": {
"name": "satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"product_id": "satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.16.5.5-1.el9sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src"
},
"product_reference": "foreman-0:3.12.0.11-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.5.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src"
},
"product_reference": "foreman-0:3.12.0.11-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.5.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src"
},
"product_reference": "foreman-0:3.12.0.11-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el8sat.src as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src"
},
"product_reference": "satellite-0:6.16.5.5-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.5.5-1.el8sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 8",
"product_id": "8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.16.5.5-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src"
},
"product_reference": "foreman-0:3.12.0.11-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.5.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src"
},
"product_reference": "foreman-0:3.12.0.11-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.5.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.12.0.11-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src"
},
"product_reference": "foreman-0:3.12.0.11-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-service-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch"
},
"product_reference": "foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.16.5.5-1.el9sat.src as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src"
},
"product_reference": "satellite-0:6.16.5.5-1.el9sat.src",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.16.5.5-1.el9sat.noarch as a component of Red Hat Satellite 6.16 for RHEL 9",
"product_id": "9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
},
"product_reference": "satellite-common-0:6.16.5.5-1.el9sat.noarch",
"relates_to_product_reference": "9Base-satellite-6.16"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Micha\u0142 Bartoszuk"
],
"organization": "stmcyber.pl"
}
],
"cve": "CVE-2025-10622",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-09-17T09:07:39.743000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: OS command injection via ct_location and fcct_location parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat Satellite due to an OS command injection flaw in the Foreman component. An authenticated user with `edit_settings` permissions can bypass client-side whitelisting for `ct_location` and `fcct_location` parameters, leading to arbitrary command execution on the underlying operating system. This affects Red Hat Satellite versions 6.15, 6.16, 6.17, and 6.18.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-10622"
},
{
"category": "external",
"summary": "RHBZ#2396020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-10622",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10622"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-10622",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10622"
},
{
"category": "external",
"summary": "https://theforeman.org/security.html#2025-10622",
"url": "https://theforeman.org/security.html#2025-10622"
}
],
"release_date": "2025-11-01T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T02:27:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19855"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "foreman: OS command injection via ct_location and fcct_location parameters"
},
{
"cve": "CVE-2025-59830",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-25T15:01:07.627558+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2398167"
}
],
"notes": [
{
"category": "description",
"text": "An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (\u0026). The parser counts only \u0026 when enforcing the limit, while still splitting on both \u0026 and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The overall severity of this flaw is Moderate, because most Rack applications are not directly impacted. The vulnerability primarily affects applications or middleware that invoke Rack::QueryParser directly using its default configuration, which accepts both \u0026 and ; as parameter delimiters. This behavior can lead to excessive CPU or memory consumption, resulting only a limited denial-of-service condition.\n\nFor typical applications using Rack::Request, the default request-handling flow applies safe parsing logic and does not exhibit the vulnerable behavior.\n\nIn summary, while the theoretical severity is High, the practical impact is generally Moderate to Low for standard configurations.\n\n```\nAffectedness:\n\nIt should be noted that starting from Rack v3.x, the framework no longer splits query parameters on semicolons. This change was introduced in commit ef1fc0c44e6a4b77c8fcf9b4f3bfa09f04ae8482, effectively mitigating this issue in newer releases.\n\nRack 1.x is also not affected by this vulnerability. The vulnerable parsing logic was introduced in Rack 2.x; earlier versions use a simpler query parsing mechanism that does not expose the same resource exhaustion risk.\n```\n\n~~~\nAdditionally, Ruby 2.x and 3.x versions shipped with Red Hat Enterprise Linux are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59830"
},
{
"category": "external",
"summary": "RHBZ#2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
}
],
"release_date": "2025-09-25T14:37:06.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T02:27:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19855"
},
{
"category": "workaround",
"details": "No action is required for typical Rack applications that use the framework\u2019s default request-handling mechanisms, as these are not impacted.\n\nFor custom implementations or middleware that directly invoke Rack::QueryParser, administrators should:\n\nUse explicit delimiters: Configure QueryParser to use a specific delimiter (e.g. \u0026) rather than accepting both \u0026 and ;.\n\nLimit request size and parameters: Enforce request size and parameter count limits at upstream layers (such as a web server, reverse proxy, or WAF) to prevent excessive resource consumption.\n\nPrefer safe APIs: Use Rack::Request or other higher-level request parsing APIs, which apply safe defaults and avoid this vulnerability.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
},
{
"cve": "CVE-2025-61919",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-10T20:01:19.001907+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403180"
}
],
"notes": [
{
"category": "description",
"text": "A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "~~~\n\nAffectedness:\n\nRack 1.x, including 1.6.x, is not affected by this vulnerability. The issue exists only in Rack 2.x and 3.x, where request parsing was refactored into the QueryParser component. Since Rack 1.x does not include this component, it does not contain the vulnerable logic.\n\nRuby 2.x and 3.x versions shipped with Red Hat Enterprise Linux, Red Hat Openshift Core OS (RHOCS) and Red Hat In-Vehicle OS (RHIVOS) are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"known_not_affected": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61919"
},
{
"category": "external",
"summary": "RHBZ#2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881",
"url": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db",
"url": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f",
"url": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm"
}
],
"release_date": "2025-10-10T19:22:42.454000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T02:27:26+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19855"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability beyond these configuration-based workarounds.",
"product_ids": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-0:3.12.0.11-1.el8sat.src",
"8Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-0:6.16.5.5-1.el8sat.src",
"8Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el8sat.noarch",
"8Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el8sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-capsule:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-capsule:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-capsule:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16-utils:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16-utils:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16-utils:satellite-common-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-0:3.12.0.11-1.el9sat.src",
"9Base-satellite-6.16:foreman-cli-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-debug-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-dynflow-sidekiq-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ec2-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-journald-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-libvirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-openstack-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-ovirt-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-pcp-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-postgresql-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-redis-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-service-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-telemetry-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:foreman-vmware-0:3.12.0.11-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.noarch",
"9Base-satellite-6.16:rubygem-rack-0:2.2.20-1.el9sat.src",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-0:6.16.5.5-1.el9sat.src",
"9Base-satellite-6.16:satellite-capsule-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-cli-0:6.16.5.5-1.el9sat.noarch",
"9Base-satellite-6.16:satellite-common-0:6.16.5.5-1.el9sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion"
}
]
}
RHSA-2025:19856
Vulnerability from csaf_redhat - Published: 2025-11-06 02:27 - Updated: 2026-04-08 07:55Summary
Red Hat Security Advisory: Satellite 6.15.5.6 Async Update
Severity
Important
Notes
Topic: An update is now available for Red Hat Satellite 6.15 for RHEL 8.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: Red Hat Satellite is a system management solution that allows organizations
to configure and maintain their systems without the necessity to provide
public Internet access to their servers or other client systems. It
performs provisioning and configuration management of predefined standard
operating environments.
Security Fix(es):
* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)
* foreman: OS command injection via ct_location and fcct_location parameters (CVE-2025-10622)
Users of Red Hat Satellite are advised to upgrade to these updated
packages, which fix these bugs.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.
8.0 (High)
Affected products
Fixed
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Important
An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Moderate
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src | — |
Vendor Fix
fix
Workaround
|
Known not affected
63 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch | — |
Workaround
|
Threats
Impact
Important
References
25 references
Acknowledgments
stmcyber.pl
Michał Bartoszuk
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Satellite 6.15 for RHEL 8.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Satellite is a system management solution that allows organizations\nto configure and maintain their systems without the necessity to provide\npublic Internet access to their servers or other client systems. It\nperforms provisioning and configuration management of predefined standard\noperating environments.\n\nSecurity Fix(es):\n\n* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)\n\n* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)\n\n* foreman: OS command injection via ct_location and fcct_location parameters (CVE-2025-10622)\n\nUsers of Red Hat Satellite are advised to upgrade to these updated\npackages, which fix these bugs.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19856",
"url": "https://access.redhat.com/errata/RHSA-2025:19856"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2396020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
},
{
"category": "external",
"summary": "2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19856.json"
}
],
"title": "Red Hat Security Advisory: Satellite 6.15.5.6 Async Update",
"tracking": {
"current_release_date": "2026-04-08T07:55:27+00:00",
"generator": {
"date": "2026-04-08T07:55:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.5"
}
},
"id": "RHSA-2025:19856",
"initial_release_date": "2025-11-06T02:27:41+00:00",
"revision_history": [
{
"date": "2025-11-06T02:27:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-06T02:27:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-08T07:55:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite:6.15::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_capsule:6.15::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product": {
"name": "Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:satellite_utils:6.15::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite 6"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.9.1.13-1.el8sat.src",
"product": {
"name": "foreman-0:3.9.1.13-1.el8sat.src",
"product_id": "foreman-0:3.9.1.13-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.9.1.13-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.15.5.6-1.el8sat.src",
"product": {
"name": "satellite-0:6.15.5.6-1.el8sat.src",
"product_id": "satellite-0:6.15.5.6-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.15.5.6-1.el8sat?arch=src"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el8sat.src",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.src",
"product_id": "rubygem-rack-0:2.2.20-1.el8sat.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el8sat?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "foreman-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-cli@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-debug@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ec2@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-journald@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-libvirt@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-openstack@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-ovirt@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-pcp@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-postgresql@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-redis@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-service-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-service-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-service-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-service@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-telemetry@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"product": {
"name": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"product_id": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/foreman-vmware@3.9.1.13-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-0:6.15.5.6-1.el8sat.noarch",
"product": {
"name": "satellite-0:6.15.5.6-1.el8sat.noarch",
"product_id": "satellite-0:6.15.5.6-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite@6.15.5.6-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"product": {
"name": "satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"product_id": "satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-cli@6.15.5.6-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-common-0:6.15.5.6-1.el8sat.noarch",
"product": {
"name": "satellite-common-0:6.15.5.6-1.el8sat.noarch",
"product_id": "satellite-common-0:6.15.5.6-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-common@6.15.5.6-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"product": {
"name": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"product_id": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/satellite-capsule@6.15.5.6-1.el8sat?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"product": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"product_id": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rubygem-rack@2.2.20-1.el8sat?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.13-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.13-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.5.6-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src"
},
"product_reference": "satellite-0:6.15.5.6-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-capsule"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.13-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.13-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.5.6-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src"
},
"product_reference": "satellite-0:6.15.5.6-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15-utils"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-0:3.9.1.13-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src"
},
"product_reference": "foreman-0:3.9.1.13-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-cli-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-debug-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-journald-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-redis-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-service-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-service-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch"
},
"product_reference": "foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rubygem-rack-0:2.2.20-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src"
},
"product_reference": "rubygem-rack-0:2.2.20-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-0:6.15.5.6-1.el8sat.src as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src"
},
"product_reference": "satellite-0:6.15.5.6-1.el8sat.src",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-cli-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "satellite-common-0:6.15.5.6-1.el8sat.noarch as a component of Red Hat Satellite 6.15 for RHEL 8",
"product_id": "8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
},
"product_reference": "satellite-common-0:6.15.5.6-1.el8sat.noarch",
"relates_to_product_reference": "8Base-satellite-6.15"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Micha\u0142 Bartoszuk"
],
"organization": "stmcyber.pl"
}
],
"cve": "CVE-2025-10622",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-09-17T09:07:39.743000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2396020"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Red Hat Satellite (Foreman component). This vulnerability allows an authenticated user with edit_settings permissions to achieve arbitrary command execution on the underlying operating system via insufficient server-side validation of command whitelisting.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "foreman: OS command injection via ct_location and fcct_location parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat Satellite due to an OS command injection flaw in the Foreman component. An authenticated user with `edit_settings` permissions can bypass client-side whitelisting for `ct_location` and `fcct_location` parameters, leading to arbitrary command execution on the underlying operating system. This affects Red Hat Satellite versions 6.15, 6.16, 6.17, and 6.18.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-10622"
},
{
"category": "external",
"summary": "RHBZ#2396020",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2396020"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-10622",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10622"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-10622",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-10622"
},
{
"category": "external",
"summary": "https://theforeman.org/security.html#2025-10622",
"url": "https://theforeman.org/security.html#2025-10622"
}
],
"release_date": "2025-11-01T23:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T02:27:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19856"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "foreman: OS command injection via ct_location and fcct_location parameters"
},
{
"cve": "CVE-2025-59830",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-25T15:01:07.627558+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2398167"
}
],
"notes": [
{
"category": "description",
"text": "An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (\u0026). The parser counts only \u0026 when enforcing the limit, while still splitting on both \u0026 and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The overall severity of this flaw is Moderate, because most Rack applications are not directly impacted. The vulnerability primarily affects applications or middleware that invoke Rack::QueryParser directly using its default configuration, which accepts both \u0026 and ; as parameter delimiters. This behavior can lead to excessive CPU or memory consumption, resulting only a limited denial-of-service condition.\n\nFor typical applications using Rack::Request, the default request-handling flow applies safe parsing logic and does not exhibit the vulnerable behavior.\n\nIn summary, while the theoretical severity is High, the practical impact is generally Moderate to Low for standard configurations.\n\n```\nAffectedness:\n\nIt should be noted that starting from Rack v3.x, the framework no longer splits query parameters on semicolons. This change was introduced in commit ef1fc0c44e6a4b77c8fcf9b4f3bfa09f04ae8482, effectively mitigating this issue in newer releases.\n\nRack 1.x is also not affected by this vulnerability. The vulnerable parsing logic was introduced in Rack 2.x; earlier versions use a simpler query parsing mechanism that does not expose the same resource exhaustion risk.\n```\n\n~~~\nAdditionally, Ruby 2.x and 3.x versions shipped with Red Hat Enterprise Linux are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59830"
},
{
"category": "external",
"summary": "RHBZ#2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
}
],
"release_date": "2025-09-25T14:37:06.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T02:27:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19856"
},
{
"category": "workaround",
"details": "No action is required for typical Rack applications that use the framework\u2019s default request-handling mechanisms, as these are not impacted.\n\nFor custom implementations or middleware that directly invoke Rack::QueryParser, administrators should:\n\nUse explicit delimiters: Configure QueryParser to use a specific delimiter (e.g. \u0026) rather than accepting both \u0026 and ;.\n\nLimit request size and parameters: Enforce request size and parameter count limits at upstream layers (such as a web server, reverse proxy, or WAF) to prevent excessive resource consumption.\n\nPrefer safe APIs: Use Rack::Request or other higher-level request parsing APIs, which apply safe defaults and avoid this vulnerability.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
},
{
"cve": "CVE-2025-61919",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-10T20:01:19.001907+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403180"
}
],
"notes": [
{
"category": "description",
"text": "A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "~~~\n\nAffectedness:\n\nRack 1.x, including 1.6.x, is not affected by this vulnerability. The issue exists only in Rack 2.x and 3.x, where request parsing was refactored into the QueryParser component. Since Rack 1.x does not include this component, it does not contain the vulnerable logic.\n\nRuby 2.x and 3.x versions shipped with Red Hat Enterprise Linux, Red Hat Openshift Core OS (RHOCS) and Red Hat In-Vehicle OS (RHIVOS) are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src"
],
"known_not_affected": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61919"
},
{
"category": "external",
"summary": "RHBZ#2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881",
"url": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db",
"url": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f",
"url": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm"
}
],
"release_date": "2025-10-10T19:22:42.454000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-06T02:27:41+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19856"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability beyond these configuration-based workarounds.",
"product_ids": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-capsule:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-capsule:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-capsule:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15-utils:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15-utils:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15-utils:satellite-common-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-0:3.9.1.13-1.el8sat.src",
"8Base-satellite-6.15:foreman-cli-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-debug-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-dynflow-sidekiq-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ec2-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-journald-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-libvirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-openstack-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-ovirt-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-pcp-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-postgresql-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-redis-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-service-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-telemetry-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:foreman-vmware-0:3.9.1.13-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.noarch",
"8Base-satellite-6.15:rubygem-rack-0:2.2.20-1.el8sat.src",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-0:6.15.5.6-1.el8sat.src",
"8Base-satellite-6.15:satellite-capsule-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-cli-0:6.15.5.6-1.el8sat.noarch",
"8Base-satellite-6.15:satellite-common-0:6.15.5.6-1.el8sat.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion"
}
]
}
RHSA-2025:19948
Vulnerability from csaf_redhat - Published: 2025-11-10 01:37 - Updated: 2026-04-29 18:26Summary
Red Hat Security Advisory: pcs security update
Severity
Important
Notes
Topic: An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)
* rack: Rack's multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)
* rack: Rack memory exhaustion denial of service (CVE-2025-61772)
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service crash due to out-of-memory issue.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Rack where Rack::Multipart::Parser stores non-file form fields entirely in memory without size limits. An attacker can send a multipart/form-data request with an extremely large text field, causing the server to allocate large amounts of memory which leads to a denial of service crash due to out-of-memory issue.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A denial of service flaw has been found in the rubygems rack package. `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part’s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
7.5 (High)
Affected products
Fixed
6 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
40 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)\n\n* rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)\n\n* rack: Rack\u0027s multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)\n\n* rack: Rack memory exhaustion denial of service (CVE-2025-61772)\n\n* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:19948",
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "2402174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402174"
},
{
"category": "external",
"summary": "2402175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402175"
},
{
"category": "external",
"summary": "2402200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402200"
},
{
"category": "external",
"summary": "2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_19948.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2026-04-29T18:26:17+00:00",
"generator": {
"date": "2026-04-29T18:26:17+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2025:19948",
"initial_release_date": "2025-11-10T01:37:06+00:00",
"revision_history": [
{
"date": "2025-11-10T01:37:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-10T01:37:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:26:17+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability AUS (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux High Availability AUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.AUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_aus:8.4::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
"product": {
"name": "Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.EUS.EXTENSION",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus_long_life:8.4::highavailability"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.8-1.el8_4.8.src",
"product": {
"name": "pcs-0:0.10.8-1.el8_4.8.src",
"product_id": "pcs-0:0.10.8-1.el8_4.8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.8-1.el8_4.8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.10.8-1.el8_4.8.x86_64",
"product": {
"name": "pcs-0:0.10.8-1.el8_4.8.x86_64",
"product_id": "pcs-0:0.10.8-1.el8_4.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.10.8-1.el8_4.8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"product": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"product_id": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.10.8-1.el8_4.8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.8.src as a component of Red Hat Enterprise Linux High Availability AUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.8.src",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.8.x86_64 as a component of Red Hat Enterprise Linux High Availability AUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 as a component of Red Hat Enterprise Linux High Availability AUS (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.AUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.8.src as a component of Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.8.src",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.10.8-1.el8_4.8.x86_64 as a component of Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64"
},
"product_reference": "pcs-0:0.10.8-1.el8_4.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.EUS.EXTENSION"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64 as a component of Red Hat Enterprise Linux HighAvailability EUS EXTENSION (v.8.4)",
"product_id": "HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
},
"product_reference": "pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"relates_to_product_reference": "HighAvailability-8.4.0.Z.EUS.EXTENSION"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59830",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-25T15:01:07.627558+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2398167"
}
],
"notes": [
{
"category": "description",
"text": "An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (\u0026). The parser counts only \u0026 when enforcing the limit, while still splitting on both \u0026 and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The overall severity of this flaw is Moderate, because most Rack applications are not directly impacted. The vulnerability primarily affects applications or middleware that invoke Rack::QueryParser directly using its default configuration, which accepts both \u0026 and ; as parameter delimiters. This behavior can lead to excessive CPU or memory consumption, resulting only a limited denial-of-service condition.\n\nFor typical applications using Rack::Request, the default request-handling flow applies safe parsing logic and does not exhibit the vulnerable behavior.\n\nIn summary, while the theoretical severity is High, the practical impact is generally Moderate to Low for standard configurations.\n\n```\nAffectedness:\n\nIt should be noted that starting from Rack v3.x, the framework no longer splits query parameters on semicolons. This change was introduced in commit ef1fc0c44e6a4b77c8fcf9b4f3bfa09f04ae8482, effectively mitigating this issue in newer releases.\n\nRack 1.x is also not affected by this vulnerability. The vulnerable parsing logic was introduced in Rack 2.x; earlier versions use a simpler query parsing mechanism that does not expose the same resource exhaustion risk.\n```\n\n~~~\nAdditionally, Ruby 2.x and 3.x versions shipped with Red Hat Enterprise Linux are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59830"
},
{
"category": "external",
"summary": "RHBZ#2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
}
],
"release_date": "2025-09-25T14:37:06.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:37:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
},
{
"category": "workaround",
"details": "No action is required for typical Rack applications that use the framework\u2019s default request-handling mechanisms, as these are not impacted.\n\nFor custom implementations or middleware that directly invoke Rack::QueryParser, administrators should:\n\nUse explicit delimiters: Configure QueryParser to use a specific delimiter (e.g. \u0026) rather than accepting both \u0026 and ;.\n\nLimit request size and parameters: Enforce request size and parameter count limits at upstream layers (such as a web server, reverse proxy, or WAF) to prevent excessive resource consumption.\n\nPrefer safe APIs: Use Rack::Request or other higher-level request parsing APIs, which apply safe defaults and avoid this vulnerability.",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
},
{
"cve": "CVE-2025-61770",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-07T15:01:10.718770+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402174"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service crash due to out-of-memory issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is IMPORTANT because the vulnerability can be exploited over a network and can cause denial of service on such applications that run the vulnerable Rack code. By sending multipart requests with large preambles, an attacker can exhaust memory resources or crash worker processes, leading to service downtime.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61770"
},
{
"category": "external",
"summary": "RHBZ#2402174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402174"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61770"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp",
"url": "https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp"
}
],
"release_date": "2025-10-07T14:30:04.552000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:37:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion)"
},
{
"cve": "CVE-2025-61771",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2025-10-07T15:01:16.223161+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402175"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack where Rack::Multipart::Parser stores non-file form fields entirely in memory without size limits. An attacker can send a multipart/form-data request with an extremely large text field, causing the server to allocate large amounts of memory which leads to a denial of service crash due to out-of-memory issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack\u0027s multipart parser buffers large non\u2011file fields entirely in memory, enabling DoS (memory exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is IMPORTANT because this happens over a network and causes a denial of service. Large non-file fields are buffered in memory instead of being streamed or capped, leading to memory exhaustion and worker crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61771"
},
{
"category": "external",
"summary": "RHBZ#2402175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402175"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61771"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw",
"url": "https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw"
}
],
"release_date": "2025-10-07T14:42:53.366000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:37:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rack: Rack\u0027s multipart parser buffers large non\u2011file fields entirely in memory, enabling DoS (memory exhaustion)"
},
{
"cve": "CVE-2025-61772",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-07T16:01:57.118202+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402200"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been found in the rubygems rack package. `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part\u2019s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack memory exhaustion denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk to Red Hat systems is limited to the application which has integrated rack. The host operating system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61772"
},
{
"category": "external",
"summary": "RHBZ#2402200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61772"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c",
"url": "https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c"
}
],
"release_date": "2025-10-07T15:02:09.895000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:37:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rack: Rack memory exhaustion denial of service"
},
{
"cve": "CVE-2025-61919",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-10T20:01:19.001907+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403180"
}
],
"notes": [
{
"category": "description",
"text": "A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "~~~\n\nAffectedness:\n\nRack 1.x, including 1.6.x, is not affected by this vulnerability. The issue exists only in Rack 2.x and 3.x, where request parsing was refactored into the QueryParser component. Since Rack 1.x does not include this component, it does not contain the vulnerable logic.\n\nRuby 2.x and 3.x versions shipped with Red Hat Enterprise Linux, Red Hat Openshift Core OS (RHOCS) and Red Hat In-Vehicle OS (RHIVOS) are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61919"
},
{
"category": "external",
"summary": "RHBZ#2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881",
"url": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db",
"url": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f",
"url": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm"
}
],
"release_date": "2025-10-10T19:22:42.454000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-10T01:37:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability beyond these configuration-based workarounds.",
"product_ids": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.AUS:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.AUS:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.src",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-0:0.10.8-1.el8_4.8.x86_64",
"HighAvailability-8.4.0.Z.EUS.EXTENSION:pcs-snmp-0:0.10.8-1.el8_4.8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion"
}
]
}
RHSA-2025:20962
Vulnerability from csaf_redhat - Published: 2025-11-11 15:05 - Updated: 2026-04-29 18:26Summary
Red Hat Security Advisory: pcs security update
Severity
Important
Notes
Topic: An update for pcs is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)
* rack: Rack's multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)
* rack: Rack memory exhaustion denial of service (CVE-2025-61772)
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).
7.5 (High)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service crash due to out-of-memory issue.
7.5 (High)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Rack where Rack::Multipart::Parser stores non-file form fields entirely in memory without size limits. An attacker can send a multipart/form-data request with an extremely large text field, causing the server to allocate large amounts of memory which leads to a denial of service crash due to out-of-memory issue.
7.5 (High)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A denial of service flaw has been found in the rubygems rack package. `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part’s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
7.5 (High)
Affected products
Fixed
18 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
40 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)\n\n* rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)\n\n* rack: Rack\u0027s multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)\n\n* rack: Rack memory exhaustion denial of service (CVE-2025-61772)\n\n* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:20962",
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "2402174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402174"
},
{
"category": "external",
"summary": "2402175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402175"
},
{
"category": "external",
"summary": "2402200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402200"
},
{
"category": "external",
"summary": "2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_20962.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2026-04-29T18:26:16+00:00",
"generator": {
"date": "2026-04-29T18:26:16+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2025:20962",
"initial_release_date": "2025-11-11T15:05:08+00:00",
"revision_history": [
{
"date": "2025-11-11T15:05:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-11T15:05:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:26:16+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::highavailability"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::resilientstorage"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.10-1.el9_7.1.src",
"product": {
"name": "pcs-0:0.11.10-1.el9_7.1.src",
"product_id": "pcs-0:0.11.10-1.el9_7.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.10-1.el9_7.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.10-1.el9_7.1.ppc64le",
"product": {
"name": "pcs-0:0.11.10-1.el9_7.1.ppc64le",
"product_id": "pcs-0:0.11.10-1.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.10-1.el9_7.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"product": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"product_id": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.10-1.el9_7.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.10-1.el9_7.1.x86_64",
"product": {
"name": "pcs-0:0.11.10-1.el9_7.1.x86_64",
"product_id": "pcs-0:0.11.10-1.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.10-1.el9_7.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"product": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"product_id": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.10-1.el9_7.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.10-1.el9_7.1.s390x",
"product": {
"name": "pcs-0:0.11.10-1.el9_7.1.s390x",
"product_id": "pcs-0:0.11.10-1.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.10-1.el9_7.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"product": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"product_id": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.10-1.el9_7.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.11.10-1.el9_7.1.aarch64",
"product": {
"name": "pcs-0:0.11.10-1.el9_7.1.aarch64",
"product_id": "pcs-0:0.11.10-1.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.11.10-1.el9_7.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"product": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"product_id": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.11.10-1.el9_7.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.aarch64",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.ppc64le",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.s390x as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.s390x",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.src as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.src",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.x86_64",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 9)",
"product_id": "HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"relates_to_product_reference": "HighAvailability-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.aarch64",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.ppc64le",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.s390x as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.s390x",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.src as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.src",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.11.10-1.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64"
},
"product_reference": "pcs-0:0.11.10-1.el9_7.1.x86_64",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64 as a component of Red Hat Enterprise Linux Resilient Storage (v. 9)",
"product_id": "ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
},
"product_reference": "pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"relates_to_product_reference": "ResilientStorage-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59830",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-25T15:01:07.627558+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2398167"
}
],
"notes": [
{
"category": "description",
"text": "An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (\u0026). The parser counts only \u0026 when enforcing the limit, while still splitting on both \u0026 and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The overall severity of this flaw is Moderate, because most Rack applications are not directly impacted. The vulnerability primarily affects applications or middleware that invoke Rack::QueryParser directly using its default configuration, which accepts both \u0026 and ; as parameter delimiters. This behavior can lead to excessive CPU or memory consumption, resulting only a limited denial-of-service condition.\n\nFor typical applications using Rack::Request, the default request-handling flow applies safe parsing logic and does not exhibit the vulnerable behavior.\n\nIn summary, while the theoretical severity is High, the practical impact is generally Moderate to Low for standard configurations.\n\n```\nAffectedness:\n\nIt should be noted that starting from Rack v3.x, the framework no longer splits query parameters on semicolons. This change was introduced in commit ef1fc0c44e6a4b77c8fcf9b4f3bfa09f04ae8482, effectively mitigating this issue in newer releases.\n\nRack 1.x is also not affected by this vulnerability. The vulnerable parsing logic was introduced in Rack 2.x; earlier versions use a simpler query parsing mechanism that does not expose the same resource exhaustion risk.\n```\n\n~~~\nAdditionally, Ruby 2.x and 3.x versions shipped with Red Hat Enterprise Linux are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59830"
},
{
"category": "external",
"summary": "RHBZ#2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
}
],
"release_date": "2025-09-25T14:37:06.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T15:05:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
},
{
"category": "workaround",
"details": "No action is required for typical Rack applications that use the framework\u2019s default request-handling mechanisms, as these are not impacted.\n\nFor custom implementations or middleware that directly invoke Rack::QueryParser, administrators should:\n\nUse explicit delimiters: Configure QueryParser to use a specific delimiter (e.g. \u0026) rather than accepting both \u0026 and ;.\n\nLimit request size and parameters: Enforce request size and parameter count limits at upstream layers (such as a web server, reverse proxy, or WAF) to prevent excessive resource consumption.\n\nPrefer safe APIs: Use Rack::Request or other higher-level request parsing APIs, which apply safe defaults and avoid this vulnerability.",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
},
{
"cve": "CVE-2025-61770",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-07T15:01:10.718770+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402174"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service crash due to out-of-memory issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is IMPORTANT because the vulnerability can be exploited over a network and can cause denial of service on such applications that run the vulnerable Rack code. By sending multipart requests with large preambles, an attacker can exhaust memory resources or crash worker processes, leading to service downtime.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61770"
},
{
"category": "external",
"summary": "RHBZ#2402174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402174"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61770"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp",
"url": "https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp"
}
],
"release_date": "2025-10-07T14:30:04.552000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T15:05:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion)"
},
{
"cve": "CVE-2025-61771",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2025-10-07T15:01:16.223161+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402175"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack where Rack::Multipart::Parser stores non-file form fields entirely in memory without size limits. An attacker can send a multipart/form-data request with an extremely large text field, causing the server to allocate large amounts of memory which leads to a denial of service crash due to out-of-memory issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack\u0027s multipart parser buffers large non\u2011file fields entirely in memory, enabling DoS (memory exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is IMPORTANT because this happens over a network and causes a denial of service. Large non-file fields are buffered in memory instead of being streamed or capped, leading to memory exhaustion and worker crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61771"
},
{
"category": "external",
"summary": "RHBZ#2402175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402175"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61771"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw",
"url": "https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw"
}
],
"release_date": "2025-10-07T14:42:53.366000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T15:05:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rack: Rack\u0027s multipart parser buffers large non\u2011file fields entirely in memory, enabling DoS (memory exhaustion)"
},
{
"cve": "CVE-2025-61772",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-07T16:01:57.118202+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402200"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been found in the rubygems rack package. `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part\u2019s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack memory exhaustion denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk to Red Hat systems is limited to the application which has integrated rack. The host operating system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61772"
},
{
"category": "external",
"summary": "RHBZ#2402200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61772"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c",
"url": "https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c"
}
],
"release_date": "2025-10-07T15:02:09.895000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T15:05:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rack: Rack memory exhaustion denial of service"
},
{
"cve": "CVE-2025-61919",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-10T20:01:19.001907+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403180"
}
],
"notes": [
{
"category": "description",
"text": "A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "~~~\n\nAffectedness:\n\nRack 1.x, including 1.6.x, is not affected by this vulnerability. The issue exists only in Rack 2.x and 3.x, where request parsing was refactored into the QueryParser component. Since Rack 1.x does not include this component, it does not contain the vulnerable logic.\n\nRuby 2.x and 3.x versions shipped with Red Hat Enterprise Linux, Red Hat Openshift Core OS (RHOCS) and Red Hat In-Vehicle OS (RHIVOS) are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61919"
},
{
"category": "external",
"summary": "RHBZ#2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881",
"url": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db",
"url": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f",
"url": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm"
}
],
"release_date": "2025-10-10T19:22:42.454000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T15:05:08+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability beyond these configuration-based workarounds.",
"product_ids": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"HighAvailability-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"HighAvailability-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.src",
"ResilientStorage-9.7.0.Z.MAIN:pcs-0:0.11.10-1.el9_7.1.x86_64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.aarch64",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.ppc64le",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.s390x",
"ResilientStorage-9.7.0.Z.MAIN:pcs-snmp-0:0.11.10-1.el9_7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion"
}
]
}
RHSA-2025:21036
Vulnerability from csaf_redhat - Published: 2025-11-11 19:52 - Updated: 2026-04-29 18:26Summary
Red Hat Security Advisory: pcs security update
Severity
Important
Notes
Topic: An update for pcs is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.
Security Fix(es):
* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)
* rack: Rack's unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)
* rack: Rack's multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)
* rack: Rack memory exhaustion denial of service (CVE-2025-61772)
* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service crash due to out-of-memory issue.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in Rack where Rack::Multipart::Parser stores non-file form fields entirely in memory without size limits. An attacker can send a multipart/form-data request with an extremely large text field, causing the server to allocate large amounts of memory which leads to a denial of service crash due to out-of-memory issue.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A denial of service flaw has been found in the rubygems rack package. `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part’s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS).
5.3 (Medium)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.
7.5 (High)
Affected products
Fixed
10 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
40 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for pcs is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities.\n\nSecurity Fix(es):\n\n* rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters (CVE-2025-59830)\n\n* rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion) (CVE-2025-61770)\n\n* rack: Rack\u0027s multipart parser buffers large non?file fields entirely in memory, enabling DoS (memory exhaustion) (CVE-2025-61771)\n\n* rack: Rack memory exhaustion denial of service (CVE-2025-61772)\n\n* rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion (CVE-2025-61919)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:21036",
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "2402174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402174"
},
{
"category": "external",
"summary": "2402175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402175"
},
{
"category": "external",
"summary": "2402200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402200"
},
{
"category": "external",
"summary": "2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_21036.json"
}
],
"title": "Red Hat Security Advisory: pcs security update",
"tracking": {
"current_release_date": "2026-04-29T18:26:15+00:00",
"generator": {
"date": "2026-04-29T18:26:15+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.7.7"
}
},
"id": "RHSA-2025:21036",
"initial_release_date": "2025-11-11T19:52:06+00:00",
"revision_history": [
{
"date": "2025-11-11T19:52:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-11-11T19:52:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-04-29T18:26:15+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux High Availability (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"product": {
"name": "cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"product_id": "cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-ha-cluster@0.12.1-1.el10_1.1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.12.1-1.el10_1.1.src",
"product": {
"name": "pcs-0:0.12.1-1.el10_1.1.src",
"product_id": "pcs-0:0.12.1-1.el10_1.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.12.1-1.el10_1.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.12.1-1.el10_1.1.aarch64",
"product": {
"name": "pcs-0:0.12.1-1.el10_1.1.aarch64",
"product_id": "pcs-0:0.12.1-1.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.12.1-1.el10_1.1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"product": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"product_id": "pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.12.1-1.el10_1.1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.12.1-1.el10_1.1.ppc64le",
"product": {
"name": "pcs-0:0.12.1-1.el10_1.1.ppc64le",
"product_id": "pcs-0:0.12.1-1.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.12.1-1.el10_1.1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"product": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"product_id": "pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.12.1-1.el10_1.1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.12.1-1.el10_1.1.s390x",
"product": {
"name": "pcs-0:0.12.1-1.el10_1.1.s390x",
"product_id": "pcs-0:0.12.1-1.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.12.1-1.el10_1.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"product": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"product_id": "pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.12.1-1.el10_1.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "pcs-0:0.12.1-1.el10_1.1.x86_64",
"product": {
"name": "pcs-0:0.12.1-1.el10_1.1.x86_64",
"product_id": "pcs-0:0.12.1-1.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs@0.12.1-1.el10_1.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.x86_64",
"product": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.x86_64",
"product_id": "pcs-snmp-0:0.12.1-1.el10_1.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/pcs-snmp@0.12.1-1.el10_1.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch"
},
"product_reference": "cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.12.1-1.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64"
},
"product_reference": "pcs-0:0.12.1-1.el10_1.1.aarch64",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.12.1-1.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le"
},
"product_reference": "pcs-0:0.12.1-1.el10_1.1.ppc64le",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.12.1-1.el10_1.1.s390x as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x"
},
"product_reference": "pcs-0:0.12.1-1.el10_1.1.s390x",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.12.1-1.el10_1.1.src as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src"
},
"product_reference": "pcs-0:0.12.1-1.el10_1.1.src",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-0:0.12.1-1.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64"
},
"product_reference": "pcs-0:0.12.1-1.el10_1.1.x86_64",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.aarch64 as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64"
},
"product_reference": "pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le"
},
"product_reference": "pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.s390x as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x"
},
"product_reference": "pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"relates_to_product_reference": "HighAvailability-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pcs-snmp-0:0.12.1-1.el10_1.1.x86_64 as a component of Red Hat Enterprise Linux High Availability (v. 10)",
"product_id": "HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
},
"product_reference": "pcs-snmp-0:0.12.1-1.el10_1.1.x86_64",
"relates_to_product_reference": "HighAvailability-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59830",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-25T15:01:07.627558+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2398167"
}
],
"notes": [
{
"category": "description",
"text": "An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (\u0026). The parser counts only \u0026 when enforcing the limit, while still splitting on both \u0026 and ;. As a result, an attacker can supply a crafted HTTP query using ; delimiters to exceed the intended parameter count, potentially causing performance degradation or exhaustion of resources (denial of service).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The overall severity of this flaw is Moderate, because most Rack applications are not directly impacted. The vulnerability primarily affects applications or middleware that invoke Rack::QueryParser directly using its default configuration, which accepts both \u0026 and ; as parameter delimiters. This behavior can lead to excessive CPU or memory consumption, resulting only a limited denial-of-service condition.\n\nFor typical applications using Rack::Request, the default request-handling flow applies safe parsing logic and does not exhibit the vulnerable behavior.\n\nIn summary, while the theoretical severity is High, the practical impact is generally Moderate to Low for standard configurations.\n\n```\nAffectedness:\n\nIt should be noted that starting from Rack v3.x, the framework no longer splits query parameters on semicolons. This change was introduced in commit ef1fc0c44e6a4b77c8fcf9b4f3bfa09f04ae8482, effectively mitigating this issue in newer releases.\n\nRack 1.x is also not affected by this vulnerability. The vulnerable parsing logic was introduced in Rack 2.x; earlier versions use a simpler query parsing mechanism that does not expose the same resource exhaustion risk.\n```\n\n~~~\nAdditionally, Ruby 2.x and 3.x versions shipped with Red Hat Enterprise Linux are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59830"
},
{
"category": "external",
"summary": "RHBZ#2398167",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2398167"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59830",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59830"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59830"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71",
"url": "https://github.com/rack/rack/commit/54e4ffdd5affebcb0c015cc6ae74635c0831ed71"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-625h-95r8-8xpm"
}
],
"release_date": "2025-09-25T14:37:06.967000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T19:52:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
},
{
"category": "workaround",
"details": "No action is required for typical Rack applications that use the framework\u2019s default request-handling mechanisms, as these are not impacted.\n\nFor custom implementations or middleware that directly invoke Rack::QueryParser, administrators should:\n\nUse explicit delimiters: Configure QueryParser to use a specific delimiter (e.g. \u0026) rather than accepting both \u0026 and ;.\n\nLimit request size and parameters: Enforce request size and parameter count limits at upstream layers (such as a web server, reverse proxy, or WAF) to prevent excessive resource consumption.\n\nPrefer safe APIs: Use Rack::Request or other higher-level request parsing APIs, which apply safe defaults and avoid this vulnerability.",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters"
},
{
"cve": "CVE-2025-61770",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-07T15:01:10.718770+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402174"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack where the Rack::Multipart::Parser buffers the multipart preamble memory without size limits. A remote attacker can send a crafted multipart/form-data request with a very large preamble before its first boundary, causing excessive memory consumption and denial of service crash due to out-of-memory issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is IMPORTANT because the vulnerability can be exploited over a network and can cause denial of service on such applications that run the vulnerable Rack code. By sending multipart requests with large preambles, an attacker can exhaust memory resources or crash worker processes, leading to service downtime.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61770"
},
{
"category": "external",
"summary": "RHBZ#2402174",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402174"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61770",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61770"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61770",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61770"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp",
"url": "https://github.com/rack/rack/security/advisories/GHSA-p543-xpfm-54cp"
}
],
"release_date": "2025-10-07T14:30:04.552000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T19:52:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rack: Rack\u0027s unbounded multipart preamble buffering enables DoS (memory exhaustion)"
},
{
"cve": "CVE-2025-61771",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2025-10-07T15:01:16.223161+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402175"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Rack where Rack::Multipart::Parser stores non-file form fields entirely in memory without size limits. An attacker can send a multipart/form-data request with an extremely large text field, causing the server to allocate large amounts of memory which leads to a denial of service crash due to out-of-memory issue.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack\u0027s multipart parser buffers large non\u2011file fields entirely in memory, enabling DoS (memory exhaustion)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The impact is IMPORTANT because this happens over a network and causes a denial of service. Large non-file fields are buffered in memory instead of being streamed or capped, leading to memory exhaustion and worker crashes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61771"
},
{
"category": "external",
"summary": "RHBZ#2402175",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402175"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61771",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61771"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61771",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61771"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw",
"url": "https://github.com/rack/rack/security/advisories/GHSA-w9pc-fmgc-vxvw"
}
],
"release_date": "2025-10-07T14:42:53.366000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T19:52:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rack: Rack\u0027s multipart parser buffers large non\u2011file fields entirely in memory, enabling DoS (memory exhaustion)"
},
{
"cve": "CVE-2025-61772",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-07T16:01:57.118202+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2402200"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been found in the rubygems rack package. `Rack::Multipart::Parser` can accumulate unbounded data when a multipart part\u2019s header block never terminates with the required blank line (`CRLFCRLF`). The parser keeps appending incoming bytes to memory without a size cap, allowing a remote attacker to exhaust memory and cause a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rack: Rack memory exhaustion denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The availability risk to Red Hat systems is limited to the application which has integrated rack. The host operating system availability is not at risk.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61772"
},
{
"category": "external",
"summary": "RHBZ#2402200",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402200"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61772",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61772"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61772",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61772"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e",
"url": "https://github.com/rack/rack/commit/589127f4ac8b5cf11cf88fb0cd116ffed4d2181e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e",
"url": "https://github.com/rack/rack/commit/d869fed663b113b95a74ad53e1b5cae6ab31f29e"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd",
"url": "https://github.com/rack/rack/commit/e08f78c656c9394d6737c022bde087e0f33336fd"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c",
"url": "https://github.com/rack/rack/security/advisories/GHSA-wpv5-97wm-hp9c"
}
],
"release_date": "2025-10-07T15:02:09.895000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T19:52:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "rack: Rack memory exhaustion denial of service"
},
{
"cve": "CVE-2025-61919",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-10T20:01:19.001907+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2403180"
}
],
"notes": [
{
"category": "description",
"text": "A memory-exhaustion vulnerability exists in Rack when parsing application/x-www-form-urlencoded request bodies. Rack::Request#POST reads the entire request body into memory without enforcing a maximum length or cap. Attackers can exploit this by sending large form submissions, potentially causing denial of service (DoS) through memory exhaustion. Even with configured parsing limits, the issue occurs before those limits are enforced, allowing unbounded memory allocation proportional to request size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "~~~\n\nAffectedness:\n\nRack 1.x, including 1.6.x, is not affected by this vulnerability. The issue exists only in Rack 2.x and 3.x, where request parsing was refactored into the QueryParser component. Since Rack 1.x does not include this component, it does not contain the vulnerable logic.\n\nRuby 2.x and 3.x versions shipped with Red Hat Enterprise Linux, Red Hat Openshift Core OS (RHOCS) and Red Hat In-Vehicle OS (RHIVOS) are not affected, as they do not bundle the rack RubyGem by default. Rack is a third-party gem that must be installed separately.\n\n~~~",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61919"
},
{
"category": "external",
"summary": "RHBZ#2403180",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2403180"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61919",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61919"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61919"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881",
"url": "https://github.com/rack/rack/commit/4e2c903991a790ee211a3021808ff4fd6fe82881"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db",
"url": "https://github.com/rack/rack/commit/cbd541e8a3d0c5830a3c9a30d3718ce2e124f9db"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f",
"url": "https://github.com/rack/rack/commit/e179614c4a653283286f5f046428cbb85f21146f"
},
{
"category": "external",
"summary": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm",
"url": "https://github.com/rack/rack/security/advisories/GHSA-6xw4-3v39-52mm"
}
],
"release_date": "2025-10-10T19:22:42.454000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-11T19:52:06+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u0027s standards for usability, deployment, applicability, or stability beyond these configuration-based workarounds.",
"product_ids": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HighAvailability-10.1.Z:cockpit-ha-cluster-0:0.12.1-1.el10_1.1.noarch",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.src",
"HighAvailability-10.1.Z:pcs-0:0.12.1-1.el10_1.1.x86_64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.aarch64",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.ppc64le",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.s390x",
"HighAvailability-10.1.Z:pcs-snmp-0:0.12.1-1.el10_1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "rubygem-rack: Unbounded read in `Rack::Request` form parsing can lead to memory exhaustion"
}
]
}
WID-SEC-W-2025-2482
Vulnerability from csaf_certbund - Published: 2025-11-03 23:00 - Updated: 2025-12-08 23:00Summary
Red Hat Enterprise Linux: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- UNIX
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Red Hat Enterprise Linux 9
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:9
|
9 | |
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Red Hat Enterprise Linux
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Red Hat Enterprise Linux 10
Red Hat / Enterprise Linux
|
cpe:/o:redhat:enterprise_linux:10
|
10 | |
|
Oracle Linux
Oracle
|
cpe:/o:oracle:linux:-
|
— | |
|
RESF Rocky Linux
RESF
|
cpe:/o:resf:rocky_linux:-
|
— | |
|
IBM License Metric Tool <9.2.42
IBM / License Metric Tool
|
<9.2.42 |
References
27 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2482 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2482.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2482 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2482"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19512 vom 2025-11-03",
"url": "https://access.redhat.com/errata/RHSA-2025:19512"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19513 vom 2025-11-03",
"url": "https://access.redhat.com/errata/RHSA-2025:19513"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19512 vom 2025-11-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-19512.html"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6048 vom 2025-11-04",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00214.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19647 vom 2025-11-04",
"url": "https://access.redhat.com/errata/RHSA-2025:19647"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19736 vom 2025-11-05",
"url": "https://access.redhat.com/errata/RHSA-2025:19736"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19719 vom 2025-11-04",
"url": "https://access.redhat.com/errata/RHSA-2025:19719"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19733 vom 2025-11-04",
"url": "https://access.redhat.com/errata/RHSA-2025:19733"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19734 vom 2025-11-04",
"url": "https://access.redhat.com/errata/RHSA-2025:19734"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:19719 vom 2025-11-05",
"url": "https://errata.build.resf.org/RLSA-2025:19719"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19855 vom 2025-11-06",
"url": "https://access.redhat.com/errata/RHSA-2025:19855"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19800 vom 2025-11-05",
"url": "https://access.redhat.com/errata/RHSA-2025:19800"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19856 vom 2025-11-06",
"url": "https://access.redhat.com/errata/RHSA-2025:19856"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:19512 vom 2025-11-06",
"url": "https://errata.build.resf.org/RLSA-2025:19512"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19832 vom 2025-11-06",
"url": "https://access.redhat.com/errata/RHSA-2025:19832"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19719 vom 2025-11-07",
"url": "https://linux.oracle.com/errata/ELSA-2025-19719.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19513 vom 2025-11-07",
"url": "https://linux.oracle.com/errata/ELSA-2025-19513.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:19948 vom 2025-11-10",
"url": "https://access.redhat.com/errata/RHSA-2025:19948"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:20962 vom 2025-11-11",
"url": "https://access.redhat.com/errata/RHSA-2025:20962"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21036 vom 2025-11-11",
"url": "https://access.redhat.com/errata/RHSA-2025:21036"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:21696 vom 2025-11-18",
"url": "https://access.redhat.com/errata/RHSA-2025:21696"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:20962 vom 2025-11-21",
"url": "https://errata.build.resf.org/RLSA-2025:20962"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-20962 vom 2025-11-26",
"url": "https://linux.oracle.com/errata/ELSA-2025-20962.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-21036 vom 2025-12-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-21036.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7253905 vom 2025-12-09",
"url": "https://www.ibm.com/support/pages/node/7253905"
}
],
"source_lang": "en-US",
"title": "Red Hat Enterprise Linux: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2025-12-08T23:00:00.000+00:00",
"generator": {
"date": "2025-12-09T11:50:37.902+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-2482",
"initial_release_date": "2025-11-03T23:00:00.000+00:00",
"revision_history": [
{
"date": "2025-11-03T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat und Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-06T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-09T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2025-11-11T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-23T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-25T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-03T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-12-08T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "11"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.2.42",
"product": {
"name": "IBM License Metric Tool \u003c9.2.42",
"product_id": "T049203"
}
},
{
"category": "product_version",
"name": "9.2.42",
"product": {
"name": "IBM License Metric Tool 9.2.42",
"product_id": "T049203-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:9.2.42"
}
}
}
],
"category": "product_name",
"name": "License Metric Tool"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "9",
"product": {
"name": "Red Hat Enterprise Linux 9",
"product_id": "T048290",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:9"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "Red Hat Enterprise Linux 10",
"product_id": "T048293",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-59830",
"product_status": {
"known_affected": [
"T048290",
"2951",
"67646",
"T048293",
"T004914",
"T032255",
"T049203"
]
},
"release_date": "2025-11-03T23:00:00.000+00:00",
"title": "CVE-2025-59830"
},
{
"cve": "CVE-2025-61770",
"product_status": {
"known_affected": [
"T048290",
"2951",
"67646",
"T048293",
"T004914",
"T032255",
"T049203"
]
},
"release_date": "2025-11-03T23:00:00.000+00:00",
"title": "CVE-2025-61770"
},
{
"cve": "CVE-2025-61771",
"product_status": {
"known_affected": [
"T048290",
"2951",
"67646",
"T048293",
"T004914",
"T032255",
"T049203"
]
},
"release_date": "2025-11-03T23:00:00.000+00:00",
"title": "CVE-2025-61771"
},
{
"cve": "CVE-2025-61772",
"product_status": {
"known_affected": [
"T048290",
"2951",
"67646",
"T048293",
"T004914",
"T032255",
"T049203"
]
},
"release_date": "2025-11-03T23:00:00.000+00:00",
"title": "CVE-2025-61772"
},
{
"cve": "CVE-2025-61919",
"product_status": {
"known_affected": [
"T048290",
"2951",
"67646",
"T048293",
"T004914",
"T032255",
"T049203"
]
},
"release_date": "2025-11-03T23:00:00.000+00:00",
"title": "CVE-2025-61919"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…