Vulnerability-Lookup

CVE-2025-65637 (GCVE-0-2025-65637)

Vulnerability from cvelistv5 – Published: 2025-12-04 00:00 – Updated: 2025-12-05 21:52

Summary

A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.

Severity

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: partial

CISA Coordinator (v2.0.3)

CWE

n/a
CWE-400 - Uncontrolled Resource Consumption

Assigner

mitre

References

8 references

URL	Tags
https://github.com/mjuanxd/logrus-dos-poc
https://github.com/sirupsen/logrus/issues/1370
https://github.com/sirupsen/logrus/pull/1376
https://github.com/sirupsen/logrus/releases/tag/v1.8.3
https://github.com/sirupsen/logrus/releases/tag/v1.9.1
https://github.com/sirupsen/logrus/releases/tag/v1.9.3
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBC…
https://github.com/mjuanxd/logrus-dos-poc/blob/ma…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-65637",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-05T21:52:30.561592Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-400",
                "description": "CWE-400 Uncontrolled Resource Consumption",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-05T21:52:59.784Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with \"token too long\" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions \u003c 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-04T18:17:04.939Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/mjuanxd/logrus-dos-poc"
        },
        {
          "url": "https://github.com/sirupsen/logrus/issues/1370"
        },
        {
          "url": "https://github.com/sirupsen/logrus/pull/1376"
        },
        {
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.8.3"
        },
        {
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.9.1"
        },
        {
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.9.3"
        },
        {
          "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391"
        },
        {
          "url": "https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2025-65637",
    "datePublished": "2025-12-04T00:00:00.000Z",
    "dateReserved": "2025-11-18T00:00:00.000Z",
    "dateUpdated": "2025-12-05T21:52:59.784Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2025-65637",
      "date": "2026-06-06",
      "epss": "0.00055",
      "percentile": "0.17444"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-65637\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2025-12-04T19:16:05.223\",\"lastModified\":\"2025-12-23T00:26:00.703\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with \\\"token too long\\\" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions \u003c 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:turbopuffer:logrus:*:*:*:*:*:go:*:*\",\"versionEndExcluding\":\"1.8.3\",\"matchCriteriaId\":\"B302F48C-A8EA-4FAB-B151-F8492365896C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:turbopuffer:logrus:1.9.0:*:*:*:*:go:*:*\",\"matchCriteriaId\":\"25373732-88E0-4824-B243-9C1E82608B1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:turbopuffer:logrus:1.9.2:*:*:*:*:go:*:*\",\"matchCriteriaId\":\"E59CDE4C-3669-4EA6-AA2D-9BE99FDEC497\"}]}]}],\"references\":[{\"url\":\"https://github.com/mjuanxd/logrus-dos-poc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/sirupsen/logrus/issues/1370\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/sirupsen/logrus/pull/1376\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://github.com/sirupsen/logrus/releases/tag/v1.8.3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/sirupsen/logrus/releases/tag/v1.9.1\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/sirupsen/logrus/releases/tag/v1.9.3\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-65637\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-12-05T21:52:30.561592Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-05T21:52:53.941Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://github.com/mjuanxd/logrus-dos-poc\"}, {\"url\": \"https://github.com/sirupsen/logrus/issues/1370\"}, {\"url\": \"https://github.com/sirupsen/logrus/pull/1376\"}, {\"url\": \"https://github.com/sirupsen/logrus/releases/tag/v1.8.3\"}, {\"url\": \"https://github.com/sirupsen/logrus/releases/tag/v1.9.1\"}, {\"url\": \"https://github.com/sirupsen/logrus/releases/tag/v1.9.3\"}, {\"url\": \"https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391\"}, {\"url\": \"https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with \\\"token too long\\\" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions \u003c 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2025-12-04T18:17:04.939Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-65637\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-12-05T21:52:59.784Z\", \"dateReserved\": \"2025-11-18T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2025-12-04T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

RHSA-2026:7885

Vulnerability from csaf_redhat - Published: 2026-04-29 04:17 - Updated: 2026-06-04 18:26

Summary

Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) security update

Severity

Moderate

Notes

Topic: An update for golang-github-openstack-k8s-operators-os-diff is now available for Red Hat OpenStack Services on OpenShift 18.0.18 (Antelope). Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: Security Fix(es): * github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload (CVE-2025-65637) * Unexpected session resumption in crypto/tls (CVE-2025-68121) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section.

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-65637

A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer() processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go’s internal bufio.Scanner, the read operation fails with a “token too long” error, causing the underlying writer pipe to close. In affected versions, this leaves the Writer interface unusable and can disrupt logging functionality, potentially degrading application availability.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src	—	Vendor Fix fix Workaround
Unresolved product id: 9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64	—	Vendor Fix fix Workaround

Threats

Impact Moderate

CVE-2025-68121

A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Affected products

Fixed 4 products

Product	Version	Remediation
Unresolved product id: 9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src	—	Vendor Fix fix
Unresolved product id: 9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64	—	Vendor Fix fix
Unresolved product id: 9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src	—	Vendor Fix fix
Unresolved product id: 9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64	—	Vendor Fix fix

Threats

Impact Moderate

References

25 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:7885	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2418900	external
https://bugzilla.redhat.com/show_bug.cgi?id=2437111	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-65637	self
https://bugzilla.redhat.com/show_bug.cgi?id=2418900	external
https://www.cve.org/CVERecord?id=CVE-2025-65637	external
https://nvd.nist.gov/vuln/detail/CVE-2025-65637	external
https://github.com/mjuanxd/logrus-dos-poc	external
https://github.com/mjuanxd/logrus-dos-poc/blob/ma…	external
https://github.com/sirupsen/logrus/issues/1370	external
https://github.com/sirupsen/logrus/pull/1376	external
https://github.com/sirupsen/logrus/releases/tag/v1.8.3	external
https://github.com/sirupsen/logrus/releases/tag/v1.9.1	external
https://github.com/sirupsen/logrus/releases/tag/v1.9.3	external
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBC…	external
https://access.redhat.com/security/cve/CVE-2025-68121	self
https://bugzilla.redhat.com/show_bug.cgi?id=2437111	external
https://www.cve.org/CVERecord?id=CVE-2025-68121	external
https://nvd.nist.gov/vuln/detail/CVE-2025-68121	external
https://go.dev/cl/737700	external
https://go.dev/issue/77217	external
https://groups.google.com/g/golang-announce/c/K09…	external
https://pkg.go.dev/vuln/GO-2026-4337	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for golang-github-openstack-k8s-operators-os-diff is now\navailable for Red Hat OpenStack Services on OpenShift 18.0.18 (Antelope).\n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "Security Fix(es):\n\n* github.com/sirupsen/logrus: Denial-of-Service due to large single-line\npayload (CVE-2025-65637)\n\n* Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:7885",
        "url": "https://access.redhat.com/errata/RHSA-2026:7885"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "external",
        "summary": "2418900",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418900"
      },
      {
        "category": "external",
        "summary": "2437111",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7885.json"
      }
    ],
    "title": "Red Hat Security Advisory: Red Hat OpenStack Services on OpenShift 18.0.18 (golang-github-openstack-k8s-operators-os-diff) security update",
    "tracking": {
      "current_release_date": "2026-06-04T18:26:52+00:00",
      "generator": {
        "date": "2026-06-04T18:26:52+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.1"
        }
      },
      "id": "RHSA-2026:7885",
      "initial_release_date": "2026-04-29T04:17:03+00:00",
      "revision_history": [
        {
          "date": "2026-04-29T04:17:03+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-04-29T04:17:03+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-04T18:26:52+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat OpenStack Services on OpenShift 18.0",
                "product": {
                  "name": "Red Hat OpenStack Services on OpenShift 18.0",
                  "product_id": "9Base-RHOSO-18.0",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:18.0::el9"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "9Base-RHOSO-TOOLS-18",
                "product": {
                  "name": "9Base-RHOSO-TOOLS-18",
                  "product_id": "9Base-RHOSO-TOOLS-18",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openstack:18.0::el9"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat OpenStack Services on OpenShift"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
                "product": {
                  "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
                  "product_id": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openstack-k8s-operators-os-diff@0.1.1-18.0.20260225161428.32d52e7.el9ost?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
                "product": {
                  "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
                  "product_id": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/golang-github-openstack-k8s-operators-os-diff@0.1.1-18.0.20260225161428.32d52e7.el9ost?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src as a component of Red Hat OpenStack Services on OpenShift 18.0",
          "product_id": "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src"
        },
        "product_reference": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
        "relates_to_product_reference": "9Base-RHOSO-18.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64 as a component of Red Hat OpenStack Services on OpenShift 18.0",
          "product_id": "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
        },
        "product_reference": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
        "relates_to_product_reference": "9Base-RHOSO-18.0"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src as a component of 9Base-RHOSO-TOOLS-18",
          "product_id": "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src"
        },
        "product_reference": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
        "relates_to_product_reference": "9Base-RHOSO-TOOLS-18"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64 as a component of 9Base-RHOSO-TOOLS-18",
          "product_id": "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
        },
        "product_reference": "golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
        "relates_to_product_reference": "9Base-RHOSO-TOOLS-18"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-65637",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2025-12-04T19:00:54.313916+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2418900"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer() processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go\u2019s internal bufio.Scanner, the read operation fails with a \u201ctoken too long\u201d error, causing the underlying writer pipe to close. In affected versions, this leaves the Writer interface unusable and can disrupt logging functionality, potentially degrading application availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is categorized as Moderate because its impact is limited to the logging subsystem and requires a specific, non-default usage pattern to trigger\u2014namely, sending a single unbounded line exceeding 64KB through Entry.Writer(). Most Logrus deployments do not expose this interface directly to attacker-controlled input, which raises the attack complexity and reduces realistic exploitability. Additionally, the flaw does not affect confidentiality or integrity, nor does it allow code execution or privilege escalation. The failure results in a controlled degradation of availability (logging becoming non-functional), rather than a broader application outage or systemic compromise. These constrained conditions and limited real-world impact justify treating the issue as moderate rather than important.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
          "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
          "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
          "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-65637"
        },
        {
          "category": "external",
          "summary": "RHBZ#2418900",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418900"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-65637",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65637",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65637"
        },
        {
          "category": "external",
          "summary": "https://github.com/mjuanxd/logrus-dos-poc",
          "url": "https://github.com/mjuanxd/logrus-dos-poc"
        },
        {
          "category": "external",
          "summary": "https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md",
          "url": "https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/issues/1370",
          "url": "https://github.com/sirupsen/logrus/issues/1370"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/pull/1376",
          "url": "https://github.com/sirupsen/logrus/pull/1376"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/releases/tag/v1.8.3",
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.8.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/releases/tag/v1.9.1",
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.9.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/releases/tag/v1.9.3",
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.9.3"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391",
          "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391"
        }
      ],
      "release_date": "2025-12-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-29T04:17:03+00:00",
          "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7885"
        },
        {
          "category": "workaround",
          "details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload"
    },
    {
      "cve": "CVE-2025-68121",
      "discovery_date": "2026-02-05T18:01:30.086058+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2437111"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
          "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
          "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
          "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-68121"
        },
        {
          "category": "external",
          "summary": "RHBZ#2437111",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/737700",
          "url": "https://go.dev/cl/737700"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/77217",
          "url": "https://go.dev/issue/77217"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
          "url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2026-4337",
          "url": "https://pkg.go.dev/vuln/GO-2026-4337"
        }
      ],
      "release_date": "2026-02-05T17:48:44.141000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-29T04:17:03+00:00",
          "details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:7885"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-18.0:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.src",
            "9Base-RHOSO-TOOLS-18:golang-github-openstack-k8s-operators-os-diff-0:0.1.1-18.0.20260225161428.32d52e7.el9ost.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
    }
  ]
}

RHSA-2026:8325

Vulnerability from csaf_redhat - Published: 2026-04-15 15:24 - Updated: 2026-06-06 19:24

Summary

Red Hat Security Advisory: buildah, crun, podman, runc, and skopeo security update

Severity

Important

Notes

Topic: An update for multiple packages is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details: The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * runc: container escape via 'masked path' abuse due to mount race conditions (CVE-2025-31133) * runc: container escape with malicious config due to /dev/console mount and related races (CVE-2025-52565) * runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881) * golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183) * golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS (CVE-2025-47913) * github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload (CVE-2025-65637) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2025-31133

A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write.

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Affected products

Fixed 13 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround

Known not affected 101 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround

Threats

Impact Important

CVE-2025-47913

A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected products

Fixed 50 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround

Known not affected 64 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround

Threats

Impact Important

CVE-2025-52565

A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console bind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Affected products

Fixed 13 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround

Known not affected 101 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround

Threats

Impact Important

CVE-2025-52881

A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.

8.2 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H

CWE-59 - Improper Link Resolution Before File Access ('Link Following')

Affected products

Fixed 84 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround

Known not affected 30 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround

Threats

Impact Important

CVE-2025-58183

A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-770 - Allocation of Resources Without Limits or Throttling

Affected products

Fixed 88 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64	—	Vendor Fix fix Workaround

Known not affected 26 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64	—	Workaround

Threats

Impact Moderate

CVE-2025-65637

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-400 - Uncontrolled Resource Consumption

Affected products

Fixed 84 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x	—	Vendor Fix fix Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64	—	Vendor Fix fix Workaround

Known not affected 30 products

Product	Version	Remediation
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x	—	Workaround
Unresolved product id: AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64	—	Workaround

Threats

Impact Moderate

References

53 references

URL	Category
https://access.redhat.com/errata/RHSA-2026:8325	self
https://access.redhat.com/security/updates/classi…	external
https://bugzilla.redhat.com/show_bug.cgi?id=2404705	external
https://bugzilla.redhat.com/show_bug.cgi?id=2404708	external
https://bugzilla.redhat.com/show_bug.cgi?id=2404715	external
https://bugzilla.redhat.com/show_bug.cgi?id=2407258	external
https://bugzilla.redhat.com/show_bug.cgi?id=2414943	external
https://bugzilla.redhat.com/show_bug.cgi?id=2418900	external
https://security.access.redhat.com/data/csaf/v2/a…	self
https://access.redhat.com/security/cve/CVE-2025-31133	self
https://bugzilla.redhat.com/show_bug.cgi?id=2404705	external
https://www.cve.org/CVERecord?id=CVE-2025-31133	external
https://nvd.nist.gov/vuln/detail/CVE-2025-31133	external
https://github.com/opencontainers/runc/security/a…	external
https://access.redhat.com/security/cve/CVE-2025-47913	self
https://bugzilla.redhat.com/show_bug.cgi?id=2414943	external
https://www.cve.org/CVERecord?id=CVE-2025-47913	external
https://nvd.nist.gov/vuln/detail/CVE-2025-47913	external
https://github.com/advisories/GHSA-hcg3-q754-cr77	external
https://go.dev/cl/700295	external
https://go.dev/issue/75178	external
https://pkg.go.dev/vuln/GO-2025-4116	external
https://access.redhat.com/security/cve/CVE-2025-52565	self
https://bugzilla.redhat.com/show_bug.cgi?id=2404708	external
https://www.cve.org/CVERecord?id=CVE-2025-52565	external
https://nvd.nist.gov/vuln/detail/CVE-2025-52565	external
https://github.com/opencontainers/runc/security/a…	external
https://access.redhat.com/security/cve/CVE-2025-52881	self
https://bugzilla.redhat.com/show_bug.cgi?id=2404715	external
https://www.cve.org/CVERecord?id=CVE-2025-52881	external
https://nvd.nist.gov/vuln/detail/CVE-2025-52881	external
https://github.com/opencontainers/runc/security/a…	external
https://github.com/opencontainers/selinux/pull/237	external
https://access.redhat.com/security/cve/CVE-2025-58183	self
https://bugzilla.redhat.com/show_bug.cgi?id=2407258	external
https://www.cve.org/CVERecord?id=CVE-2025-58183	external
https://nvd.nist.gov/vuln/detail/CVE-2025-58183	external
https://go.dev/cl/709861	external
https://go.dev/issue/75677	external
https://groups.google.com/g/golang-announce/c/4Em…	external
https://pkg.go.dev/vuln/GO-2025-4014	external
https://access.redhat.com/security/cve/CVE-2025-65637	self
https://bugzilla.redhat.com/show_bug.cgi?id=2418900	external
https://www.cve.org/CVERecord?id=CVE-2025-65637	external
https://nvd.nist.gov/vuln/detail/CVE-2025-65637	external
https://github.com/mjuanxd/logrus-dos-poc	external
https://github.com/mjuanxd/logrus-dos-poc/blob/ma…	external
https://github.com/sirupsen/logrus/issues/1370	external
https://github.com/sirupsen/logrus/pull/1376	external
https://github.com/sirupsen/logrus/releases/tag/v1.8.3	external
https://github.com/sirupsen/logrus/releases/tag/v1.9.1	external
https://github.com/sirupsen/logrus/releases/tag/v1.9.3	external
https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBC…	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for multiple packages is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. \n\nSecurity Fix(es):\n\n* runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions (CVE-2025-31133)\n\n* runc: container escape with malicious config due to /dev/console mount and related races (CVE-2025-52565)\n\n* runc: container escape and denial of service due to arbitrary write gadgets and procfs write redirects (CVE-2025-52881)\n\n* golang: archive/tar: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)\n\n* golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS (CVE-2025-47913)\n\n* github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload (CVE-2025-65637)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2026:8325",
        "url": "https://access.redhat.com/errata/RHSA-2026:8325"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2404705",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404705"
      },
      {
        "category": "external",
        "summary": "2404708",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
      },
      {
        "category": "external",
        "summary": "2404715",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
      },
      {
        "category": "external",
        "summary": "2407258",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
      },
      {
        "category": "external",
        "summary": "2414943",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
      },
      {
        "category": "external",
        "summary": "2418900",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418900"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_8325.json"
      }
    ],
    "title": "Red Hat Security Advisory: buildah, crun, podman, runc, and skopeo security update",
    "tracking": {
      "current_release_date": "2026-06-06T19:24:36+00:00",
      "generator": {
        "date": "2026-06-06T19:24:36+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.8.2"
        }
      },
      "id": "RHSA-2026:8325",
      "initial_release_date": "2026-04-15T15:24:38+00:00",
      "revision_history": [
        {
          "date": "2026-04-15T15:24:38+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2026-04-15T15:24:38+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-06-06T19:24:36+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
                  "product_id": "AppStream-9.0.0.Z.E4S",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_e4s:9.0::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "buildah-1:1.26.9-1.el9_0.3.src",
                "product": {
                  "name": "buildah-1:1.26.9-1.el9_0.3.src",
                  "product_id": "buildah-1:1.26.9-1.el9_0.3.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.26.9-1.el9_0.3?arch=src\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-4:1.2.9-1.el9_0.src",
                "product": {
                  "name": "runc-4:1.2.9-1.el9_0.src",
                  "product_id": "runc-4:1.2.9-1.el9_0.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.2.9-1.el9_0?arch=src\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-2:4.2.0-6.el9_0.6.src",
                "product": {
                  "name": "podman-2:4.2.0-6.el9_0.6.src",
                  "product_id": "podman-2:4.2.0-6.el9_0.6.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman@4.2.0-6.el9_0.6?arch=src\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-2:1.8.0-4.1.el9_0.2.src",
                "product": {
                  "name": "skopeo-2:1.8.0-4.1.el9_0.2.src",
                  "product_id": "skopeo-2:1.8.0-4.1.el9_0.2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@1.8.0-4.1.el9_0.2?arch=src\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-0:1.14.3-1.el9_0.src",
                "product": {
                  "name": "crun-0:1.14.3-1.el9_0.src",
                  "product_id": "crun-0:1.14.3-1.el9_0.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun@1.14.3-1.el9_0?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "buildah-1:1.26.9-1.el9_0.3.aarch64",
                "product": {
                  "name": "buildah-1:1.26.9-1.el9_0.3.aarch64",
                  "product_id": "buildah-1:1.26.9-1.el9_0.3.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.26.9-1.el9_0.3?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
                "product": {
                  "name": "buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
                  "product_id": "buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests@1.26.9-1.el9_0.3?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
                "product": {
                  "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
                  "product_id": "buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debugsource@1.26.9-1.el9_0.3?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
                "product": {
                  "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
                  "product_id": "buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.9-1.el9_0.3?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
                "product": {
                  "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
                  "product_id": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.9-1.el9_0.3?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-4:1.2.9-1.el9_0.aarch64",
                "product": {
                  "name": "runc-4:1.2.9-1.el9_0.aarch64",
                  "product_id": "runc-4:1.2.9-1.el9_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.2.9-1.el9_0?arch=aarch64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.2.9-1.el9_0.aarch64",
                "product": {
                  "name": "runc-debugsource-4:1.2.9-1.el9_0.aarch64",
                  "product_id": "runc-debugsource-4:1.2.9-1.el9_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-1.el9_0?arch=aarch64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
                "product": {
                  "name": "runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
                  "product_id": "runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-1.el9_0?arch=aarch64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-remote-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-remote-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-tests-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-tests-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-tests-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-tests@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debugsource@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debuginfo@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                "product": {
                  "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_id": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.2.0-6.el9_0.6?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
                "product": {
                  "name": "skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_id": "skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@1.8.0-4.1.el9_0.2?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
                "product": {
                  "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_id": "skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-tests@1.8.0-4.1.el9_0.2?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
                "product": {
                  "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_id": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debugsource@1.8.0-4.1.el9_0.2?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
                "product": {
                  "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_id": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debuginfo@1.8.0-4.1.el9_0.2?arch=aarch64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-0:1.14.3-1.el9_0.aarch64",
                "product": {
                  "name": "crun-0:1.14.3-1.el9_0.aarch64",
                  "product_id": "crun-0:1.14.3-1.el9_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun@1.14.3-1.el9_0?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debugsource-0:1.14.3-1.el9_0.aarch64",
                "product": {
                  "name": "crun-debugsource-0:1.14.3-1.el9_0.aarch64",
                  "product_id": "crun-debugsource-0:1.14.3-1.el9_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debugsource@1.14.3-1.el9_0?arch=aarch64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
                "product": {
                  "name": "crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
                  "product_id": "crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debuginfo@1.14.3-1.el9_0?arch=aarch64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "buildah-1:1.26.9-1.el9_0.3.ppc64le",
                "product": {
                  "name": "buildah-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_id": "buildah-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.26.9-1.el9_0.3?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
                "product": {
                  "name": "buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_id": "buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests@1.26.9-1.el9_0.3?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
                "product": {
                  "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_id": "buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debugsource@1.26.9-1.el9_0.3?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
                "product": {
                  "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_id": "buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.9-1.el9_0.3?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
                "product": {
                  "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_id": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.9-1.el9_0.3?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-4:1.2.9-1.el9_0.ppc64le",
                "product": {
                  "name": "runc-4:1.2.9-1.el9_0.ppc64le",
                  "product_id": "runc-4:1.2.9-1.el9_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.2.9-1.el9_0?arch=ppc64le\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
                "product": {
                  "name": "runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
                  "product_id": "runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-1.el9_0?arch=ppc64le\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
                "product": {
                  "name": "runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
                  "product_id": "runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-1.el9_0?arch=ppc64le\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-tests@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debugsource@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debuginfo@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                "product": {
                  "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_id": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.2.0-6.el9_0.6?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
                "product": {
                  "name": "skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_id": "skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@1.8.0-4.1.el9_0.2?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
                "product": {
                  "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_id": "skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-tests@1.8.0-4.1.el9_0.2?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
                "product": {
                  "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_id": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debugsource@1.8.0-4.1.el9_0.2?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
                "product": {
                  "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_id": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debuginfo@1.8.0-4.1.el9_0.2?arch=ppc64le\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-0:1.14.3-1.el9_0.ppc64le",
                "product": {
                  "name": "crun-0:1.14.3-1.el9_0.ppc64le",
                  "product_id": "crun-0:1.14.3-1.el9_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun@1.14.3-1.el9_0?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
                "product": {
                  "name": "crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
                  "product_id": "crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debugsource@1.14.3-1.el9_0?arch=ppc64le"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
                "product": {
                  "name": "crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
                  "product_id": "crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debuginfo@1.14.3-1.el9_0?arch=ppc64le"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "buildah-1:1.26.9-1.el9_0.3.x86_64",
                "product": {
                  "name": "buildah-1:1.26.9-1.el9_0.3.x86_64",
                  "product_id": "buildah-1:1.26.9-1.el9_0.3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.26.9-1.el9_0.3?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
                "product": {
                  "name": "buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
                  "product_id": "buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests@1.26.9-1.el9_0.3?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
                "product": {
                  "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
                  "product_id": "buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debugsource@1.26.9-1.el9_0.3?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
                "product": {
                  "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
                  "product_id": "buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.9-1.el9_0.3?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
                "product": {
                  "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
                  "product_id": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.9-1.el9_0.3?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-4:1.2.9-1.el9_0.x86_64",
                "product": {
                  "name": "runc-4:1.2.9-1.el9_0.x86_64",
                  "product_id": "runc-4:1.2.9-1.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.2.9-1.el9_0?arch=x86_64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.2.9-1.el9_0.x86_64",
                "product": {
                  "name": "runc-debugsource-4:1.2.9-1.el9_0.x86_64",
                  "product_id": "runc-debugsource-4:1.2.9-1.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-1.el9_0?arch=x86_64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
                "product": {
                  "name": "runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
                  "product_id": "runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-1.el9_0?arch=x86_64\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-remote-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-remote-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-tests-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-tests-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-tests-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-tests@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debugsource@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debuginfo@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                "product": {
                  "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_id": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.2.0-6.el9_0.6?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
                "product": {
                  "name": "skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_id": "skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@1.8.0-4.1.el9_0.2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64",
                "product": {
                  "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_id": "skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-tests@1.8.0-4.1.el9_0.2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
                "product": {
                  "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_id": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debugsource@1.8.0-4.1.el9_0.2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
                "product": {
                  "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_id": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debuginfo@1.8.0-4.1.el9_0.2?arch=x86_64\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-0:1.14.3-1.el9_0.x86_64",
                "product": {
                  "name": "crun-0:1.14.3-1.el9_0.x86_64",
                  "product_id": "crun-0:1.14.3-1.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun@1.14.3-1.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debugsource-0:1.14.3-1.el9_0.x86_64",
                "product": {
                  "name": "crun-debugsource-0:1.14.3-1.el9_0.x86_64",
                  "product_id": "crun-debugsource-0:1.14.3-1.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debugsource@1.14.3-1.el9_0?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
                "product": {
                  "name": "crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
                  "product_id": "crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debuginfo@1.14.3-1.el9_0?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "buildah-1:1.26.9-1.el9_0.3.s390x",
                "product": {
                  "name": "buildah-1:1.26.9-1.el9_0.3.s390x",
                  "product_id": "buildah-1:1.26.9-1.el9_0.3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah@1.26.9-1.el9_0.3?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-1:1.26.9-1.el9_0.3.s390x",
                "product": {
                  "name": "buildah-tests-1:1.26.9-1.el9_0.3.s390x",
                  "product_id": "buildah-tests-1:1.26.9-1.el9_0.3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests@1.26.9-1.el9_0.3?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
                "product": {
                  "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
                  "product_id": "buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debugsource@1.26.9-1.el9_0.3?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
                "product": {
                  "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
                  "product_id": "buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-debuginfo@1.26.9-1.el9_0.3?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
                "product": {
                  "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
                  "product_id": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.26.9-1.el9_0.3?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-4:1.2.9-1.el9_0.s390x",
                "product": {
                  "name": "runc-4:1.2.9-1.el9_0.s390x",
                  "product_id": "runc-4:1.2.9-1.el9_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc@1.2.9-1.el9_0?arch=s390x\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debugsource-4:1.2.9-1.el9_0.s390x",
                "product": {
                  "name": "runc-debugsource-4:1.2.9-1.el9_0.s390x",
                  "product_id": "runc-debugsource-4:1.2.9-1.el9_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debugsource@1.2.9-1.el9_0?arch=s390x\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "runc-debuginfo-4:1.2.9-1.el9_0.s390x",
                "product": {
                  "name": "runc-debuginfo-4:1.2.9-1.el9_0.s390x",
                  "product_id": "runc-debuginfo-4:1.2.9-1.el9_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/runc-debuginfo@1.2.9-1.el9_0?arch=s390x\u0026epoch=4"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-plugins-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-plugins-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-remote-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-remote-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-tests-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-tests-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-tests-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-tests@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debugsource@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-debuginfo@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                "product": {
                  "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_id": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.2.0-6.el9_0.6?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-2:1.8.0-4.1.el9_0.2.s390x",
                "product": {
                  "name": "skopeo-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_id": "skopeo-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo@1.8.0-4.1.el9_0.2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
                "product": {
                  "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_id": "skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-tests@1.8.0-4.1.el9_0.2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
                "product": {
                  "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_id": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debugsource@1.8.0-4.1.el9_0.2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
                "product": {
                  "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_id": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/skopeo-debuginfo@1.8.0-4.1.el9_0.2?arch=s390x\u0026epoch=2"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-0:1.14.3-1.el9_0.s390x",
                "product": {
                  "name": "crun-0:1.14.3-1.el9_0.s390x",
                  "product_id": "crun-0:1.14.3-1.el9_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun@1.14.3-1.el9_0?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debugsource-0:1.14.3-1.el9_0.s390x",
                "product": {
                  "name": "crun-debugsource-0:1.14.3-1.el9_0.s390x",
                  "product_id": "crun-debugsource-0:1.14.3-1.el9_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debugsource@1.14.3-1.el9_0?arch=s390x"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "crun-debuginfo-0:1.14.3-1.el9_0.s390x",
                "product": {
                  "name": "crun-debuginfo-0:1.14.3-1.el9_0.s390x",
                  "product_id": "crun-debuginfo-0:1.14.3-1.el9_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/crun-debuginfo@1.14.3-1.el9_0?arch=s390x"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "podman-docker-2:4.2.0-6.el9_0.6.noarch",
                "product": {
                  "name": "podman-docker-2:4.2.0-6.el9_0.6.noarch",
                  "product_id": "podman-docker-2:4.2.0-6.el9_0.6.noarch",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/podman-docker@4.2.0-6.el9_0.6?arch=noarch\u0026epoch=2"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-1:1.26.9-1.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64"
        },
        "product_reference": "buildah-1:1.26.9-1.el9_0.3.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-1:1.26.9-1.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le"
        },
        "product_reference": "buildah-1:1.26.9-1.el9_0.3.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-1:1.26.9-1.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x"
        },
        "product_reference": "buildah-1:1.26.9-1.el9_0.3.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-1:1.26.9-1.el9_0.3.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src"
        },
        "product_reference": "buildah-1:1.26.9-1.el9_0.3.src",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-1:1.26.9-1.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64"
        },
        "product_reference": "buildah-1:1.26.9-1.el9_0.3.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64"
        },
        "product_reference": "buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le"
        },
        "product_reference": "buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x"
        },
        "product_reference": "buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64"
        },
        "product_reference": "buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64"
        },
        "product_reference": "buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le"
        },
        "product_reference": "buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x"
        },
        "product_reference": "buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64"
        },
        "product_reference": "buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-1:1.26.9-1.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64"
        },
        "product_reference": "buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-1:1.26.9-1.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le"
        },
        "product_reference": "buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-1:1.26.9-1.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x"
        },
        "product_reference": "buildah-tests-1:1.26.9-1.el9_0.3.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-1:1.26.9-1.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64"
        },
        "product_reference": "buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64"
        },
        "product_reference": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le"
        },
        "product_reference": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x"
        },
        "product_reference": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64"
        },
        "product_reference": "buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-0:1.14.3-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64"
        },
        "product_reference": "crun-0:1.14.3-1.el9_0.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-0:1.14.3-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le"
        },
        "product_reference": "crun-0:1.14.3-1.el9_0.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-0:1.14.3-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x"
        },
        "product_reference": "crun-0:1.14.3-1.el9_0.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-0:1.14.3-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src"
        },
        "product_reference": "crun-0:1.14.3-1.el9_0.src",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-0:1.14.3-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64"
        },
        "product_reference": "crun-0:1.14.3-1.el9_0.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debuginfo-0:1.14.3-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64"
        },
        "product_reference": "crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debuginfo-0:1.14.3-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le"
        },
        "product_reference": "crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debuginfo-0:1.14.3-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x"
        },
        "product_reference": "crun-debuginfo-0:1.14.3-1.el9_0.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debuginfo-0:1.14.3-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64"
        },
        "product_reference": "crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debugsource-0:1.14.3-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64"
        },
        "product_reference": "crun-debugsource-0:1.14.3-1.el9_0.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debugsource-0:1.14.3-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le"
        },
        "product_reference": "crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debugsource-0:1.14.3-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x"
        },
        "product_reference": "crun-debugsource-0:1.14.3-1.el9_0.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "crun-debugsource-0:1.14.3-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64"
        },
        "product_reference": "crun-debugsource-0:1.14.3-1.el9_0.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-2:4.2.0-6.el9_0.6.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src"
        },
        "product_reference": "podman-2:4.2.0-6.el9_0.6.src",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debugsource-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debugsource-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-debugsource-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-docker-2:4.2.0-6.el9_0.6.noarch as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch"
        },
        "product_reference": "podman-docker-2:4.2.0-6.el9_0.6.noarch",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-plugins-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-remote-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-remote-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-remote-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-tests-2:4.2.0-6.el9_0.6.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64"
        },
        "product_reference": "podman-tests-2:4.2.0-6.el9_0.6.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-tests-2:4.2.0-6.el9_0.6.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le"
        },
        "product_reference": "podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-tests-2:4.2.0-6.el9_0.6.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x"
        },
        "product_reference": "podman-tests-2:4.2.0-6.el9_0.6.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "podman-tests-2:4.2.0-6.el9_0.6.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64"
        },
        "product_reference": "podman-tests-2:4.2.0-6.el9_0.6.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.2.9-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64"
        },
        "product_reference": "runc-4:1.2.9-1.el9_0.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.2.9-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le"
        },
        "product_reference": "runc-4:1.2.9-1.el9_0.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.2.9-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x"
        },
        "product_reference": "runc-4:1.2.9-1.el9_0.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.2.9-1.el9_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src"
        },
        "product_reference": "runc-4:1.2.9-1.el9_0.src",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-4:1.2.9-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64"
        },
        "product_reference": "runc-4:1.2.9-1.el9_0.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.2.9-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64"
        },
        "product_reference": "runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.2.9-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le"
        },
        "product_reference": "runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.2.9-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x"
        },
        "product_reference": "runc-debuginfo-4:1.2.9-1.el9_0.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debuginfo-4:1.2.9-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64"
        },
        "product_reference": "runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.2.9-1.el9_0.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64"
        },
        "product_reference": "runc-debugsource-4:1.2.9-1.el9_0.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.2.9-1.el9_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le"
        },
        "product_reference": "runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.2.9-1.el9_0.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x"
        },
        "product_reference": "runc-debugsource-4:1.2.9-1.el9_0.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "runc-debugsource-4:1.2.9-1.el9_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
        },
        "product_reference": "runc-debugsource-4:1.2.9-1.el9_0.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-2:1.8.0-4.1.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64"
        },
        "product_reference": "skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-2:1.8.0-4.1.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le"
        },
        "product_reference": "skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-2:1.8.0-4.1.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x"
        },
        "product_reference": "skopeo-2:1.8.0-4.1.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-2:1.8.0-4.1.el9_0.2.src as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src"
        },
        "product_reference": "skopeo-2:1.8.0-4.1.el9_0.2.src",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-2:1.8.0-4.1.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64"
        },
        "product_reference": "skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64"
        },
        "product_reference": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le"
        },
        "product_reference": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x"
        },
        "product_reference": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64"
        },
        "product_reference": "skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64"
        },
        "product_reference": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le"
        },
        "product_reference": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x"
        },
        "product_reference": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64"
        },
        "product_reference": "skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64"
        },
        "product_reference": "skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le"
        },
        "product_reference": "skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x"
        },
        "product_reference": "skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v.9.0)",
          "product_id": "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        },
        "product_reference": "skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64",
        "relates_to_product_reference": "AppStream-9.0.0.Z.E4S"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-31133",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2025-10-17T14:17:18.235000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2404705"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container\u0027s /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
        ],
        "known_not_affected": [
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-31133"
        },
        {
          "category": "external",
          "summary": "RHBZ#2404705",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404705"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-31133",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2",
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"
        }
      ],
      "release_date": "2025-11-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-15T15:24:38+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:8325"
        },
        {
          "category": "workaround",
          "details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix\nDAC and thus user namespaces stop a container process from being able to write to them.\n\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n\n* Depending on the maskedPath configuration (the default configuratio nonly masks paths in /proc and /sys), using an AppArmor that blocks unexpectedwrites to any maskedPaths (as is the case with the defaultprofile used by Docker and Podman) will block attempts to exploit this issue. However, CVE-2025-52881 allows an attacker to bypass LSMlabels, and so this mitigation is not helpful when considered incombination with CVE-2025-52881.",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions"
    },
    {
      "cve": "CVE-2025-47913",
      "discovery_date": "2025-11-13T22:01:26.092452+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2414943"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64"
        ],
        "known_not_affected": [
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "RHBZ#2414943",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
        },
        {
          "category": "external",
          "summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
          "url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/700295",
          "url": "https://go.dev/cl/700295"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/75178",
          "url": "https://go.dev/issue/75178"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-4116",
          "url": "https://pkg.go.dev/vuln/GO-2025-4116"
        }
      ],
      "release_date": "2025-11-13T21:29:39.907000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-15T15:24:38+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:8325"
        },
        {
          "category": "workaround",
          "details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
    },
    {
      "cve": "CVE-2025-52565",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2025-10-17T14:19:18.653000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2404708"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in runc. CVE-2025-52565 is very similar in concept and application toCVE-2025-31133, except that it exploits a flaw in /dev/console\nbind-mounts. When creating the /dev/console bind-mount (to /dev/pts/$n), if an attacker replaces /dev/pts/$n with a symlink then runc will bind-mount the symlink target over /dev/console.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: container escape with malicious config due to /dev/console mount and related races",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
        ],
        "known_not_affected": [
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-52565"
        },
        {
          "category": "external",
          "summary": "RHBZ#2404708",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404708"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-52565",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-52565"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52565"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r",
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-qw9x-cqr3-wc7r"
        }
      ],
      "release_date": "2025-11-05T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-15T15:24:38+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:8325"
        },
        {
          "category": "workaround",
          "details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix DAC and thus user namespaces stop a container process from being able to write to them.\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n* The default SELinux policy should mitigate this issue, as the /dev/console bind-mount does not re-label the mount and so the container process should not be able to write to unsafe procfs files. However, CVE-2025-52881 allows an attacker to bypass LSM labels, and so this mitigation is not helpful when considered in combination with CVE-2025-52881.\n* The default AppArmor profile used by most runtimes will NOT help mitigate this issue, as /dev/console access is permitted. You could create a custom profile that blocks access to /dev/console, but such a profile might break regular containers. In addition, CVE-2025-52881 allows an attacker to bypass LSM labels, and so that mitigation is not helpful when considered in combination with CVE-2025-52881.",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "runc: container escape with malicious config due to /dev/console mount and related races"
    },
    {
      "cve": "CVE-2025-52881",
      "cwe": {
        "id": "CWE-59",
        "name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
      },
      "discovery_date": "2025-10-17T14:19:18.652000+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2404715"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
        ],
        "known_not_affected": [
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-52881"
        },
        {
          "category": "external",
          "summary": "RHBZ#2404715",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
          "url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
        },
        {
          "category": "external",
          "summary": "https://github.com/opencontainers/selinux/pull/237",
          "url": "https://github.com/opencontainers/selinux/pull/237"
        }
      ],
      "release_date": "2025-11-05T09:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-15T15:24:38+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:8325"
        },
        {
          "category": "workaround",
          "details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
    },
    {
      "cve": "CVE-2025-58183",
      "cwe": {
        "id": "CWE-770",
        "name": "Allocation of Resources Without Limits or Throttling"
      },
      "discovery_date": "2025-10-29T23:01:50.573951+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2407258"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        ],
        "known_not_affected": [
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-58183"
        },
        {
          "category": "external",
          "summary": "RHBZ#2407258",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
        },
        {
          "category": "external",
          "summary": "https://go.dev/cl/709861",
          "url": "https://go.dev/cl/709861"
        },
        {
          "category": "external",
          "summary": "https://go.dev/issue/75677",
          "url": "https://go.dev/issue/75677"
        },
        {
          "category": "external",
          "summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
          "url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
        },
        {
          "category": "external",
          "summary": "https://pkg.go.dev/vuln/GO-2025-4014",
          "url": "https://pkg.go.dev/vuln/GO-2025-4014"
        }
      ],
      "release_date": "2025-10-29T22:10:14.376000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-15T15:24:38+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:8325"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
    },
    {
      "cve": "CVE-2025-65637",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "discovery_date": "2025-12-04T19:00:54.313916+00:00",
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2418900"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A denial-of-service vulnerability in github.com/sirupsen/logrus occurs when Entry.Writer() processes a single-line payload larger than 64KB with no newline characters. Due to a limitation in Go\u2019s internal bufio.Scanner, the read operation fails with a \u201ctoken too long\u201d error, causing the underlying writer pipe to close. In affected versions, this leaves the Writer interface unusable and can disrupt logging functionality, potentially degrading application availability.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is categorized as Moderate because its impact is limited to the logging subsystem and requires a specific, non-default usage pattern to trigger\u2014namely, sending a single unbounded line exceeding 64KB through Entry.Writer(). Most Logrus deployments do not expose this interface directly to attacker-controlled input, which raises the attack complexity and reduces realistic exploitability. Additionally, the flaw does not affect confidentiality or integrity, nor does it allow code execution or privilege escalation. The failure results in a controlled degradation of availability (logging becoming non-functional), rather than a broader application outage or systemic compromise. These constrained conditions and limited real-world impact justify treating the issue as moderate rather than important.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
          "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
          "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
          "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
          "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
        ],
        "known_not_affected": [
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
          "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
          "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
          "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
          "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-65637"
        },
        {
          "category": "external",
          "summary": "RHBZ#2418900",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418900"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-65637",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-65637"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65637",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65637"
        },
        {
          "category": "external",
          "summary": "https://github.com/mjuanxd/logrus-dos-poc",
          "url": "https://github.com/mjuanxd/logrus-dos-poc"
        },
        {
          "category": "external",
          "summary": "https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md",
          "url": "https://github.com/mjuanxd/logrus-dos-poc/blob/main/README.md"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/issues/1370",
          "url": "https://github.com/sirupsen/logrus/issues/1370"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/pull/1376",
          "url": "https://github.com/sirupsen/logrus/pull/1376"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/releases/tag/v1.8.3",
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.8.3"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/releases/tag/v1.9.1",
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.9.1"
        },
        {
          "category": "external",
          "summary": "https://github.com/sirupsen/logrus/releases/tag/v1.9.3",
          "url": "https://github.com/sirupsen/logrus/releases/tag/v1.9.3"
        },
        {
          "category": "external",
          "summary": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391",
          "url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMSIRUPSENLOGRUS-5564391"
        }
      ],
      "release_date": "2025-12-04T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2026-04-15T15:24:38+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2026:8325"
        },
        {
          "category": "workaround",
          "details": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability.",
          "product_ids": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.src",
            "AppStream-9.0.0.Z.E4S:buildah-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-debugsource-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.aarch64",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.ppc64le",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.s390x",
            "AppStream-9.0.0.Z.E4S:buildah-tests-debuginfo-1:1.26.9-1.el9_0.3.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:crun-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debuginfo-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:crun-debugsource-0:1.14.3-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.src",
            "AppStream-9.0.0.Z.E4S:podman-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-catatonit-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-debugsource-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-docker-2:4.2.0-6.el9_0.6.noarch",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-gvproxy-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-plugins-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-remote-debuginfo-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.aarch64",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.ppc64le",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.s390x",
            "AppStream-9.0.0.Z.E4S:podman-tests-2:4.2.0-6.el9_0.6.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.src",
            "AppStream-9.0.0.Z.E4S:runc-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debuginfo-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.aarch64",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.ppc64le",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.s390x",
            "AppStream-9.0.0.Z.E4S:runc-debugsource-4:1.2.9-1.el9_0.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.src",
            "AppStream-9.0.0.Z.E4S:skopeo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debuginfo-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-debugsource-2:1.8.0-4.1.el9_0.2.x86_64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.aarch64",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.ppc64le",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.s390x",
            "AppStream-9.0.0.Z.E4S:skopeo-tests-2:1.8.0-4.1.el9_0.2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload"
    }
  ]
}

WID-SEC-W-2026-0114

Vulnerability from csaf_certbund - Published: 2026-01-14 23:00 - Updated: 2026-05-20 22:00

Summary

Red Hat OpenShift (github.com/sirupsen/logrus): Schwachstelle ermöglicht Denial of Service

Severity

Mittel

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Red Hat OpenShift ist eine "Platform as a Service" (PaaS) Lösung zur Bereitstellung von Applikationen in der Cloud.

Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuführen.

Betroffene Betriebssysteme: - Sonstiges - UNIX

CVE-2025-65637

Affected products

Known affected 23 products

Product	Identifier	Version
Red Hat OpenShift Container Platform <4.14.63 Red Hat / OpenShift		Container Platform <4.14.63
Red Hat Enterprise Linux Red Hat	`cpe:/o:redhat:enterprise_linux:-`	—
Red Hat OpenShift Container Platform <4.19.24 Red Hat / OpenShift		Container Platform <4.19.24
Red Hat OpenShift Container Platform <4.21.1 Red Hat / OpenShift		Container Platform <4.21.1
Red Hat OpenShift Container Platform <4.14.62 Red Hat / OpenShift		Container Platform <4.14.62
Red Hat OpenShift Container Platform <4.12.85 Red Hat / OpenShift		Container Platform <4.12.85
Red Hat OpenShift <4.18.31 Red Hat / OpenShift		<4.18.31
Red Hat OpenShift Container Platform <4.17.49 Red Hat / OpenShift		Container Platform <4.17.49
Red Hat OpenShift Container Platform <4.16.57 Red Hat / OpenShift		Container Platform <4.16.57
Red Hat OpenShift Container Platform <4.15.64 Red Hat / OpenShift		Container Platform <4.15.64
Red Hat OpenShift Container Platform <4.17.54 Red Hat / OpenShift		Container Platform <4.17.54
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Fedora Linux Fedora	`cpe:/o:fedoraproject:fedora:-`	—
Red Hat OpenShift Container Platform <4.19.26 Red Hat / OpenShift		Container Platform <4.19.26
Red Hat OpenShift Container Platform <4.18.34 Red Hat / OpenShift		Container Platform <4.18.34
Red Hat OpenShift Container Platform <4.15.62 Red Hat / OpenShift		Container Platform <4.15.62
Red Hat OpenShift Container Platform <4.20.16 Red Hat / OpenShift		Container Platform <4.20.16
Red Hat OpenShift Container Platform <4.17.51 Red Hat / OpenShift		Container Platform <4.17.51
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Red Hat OpenShift Container Platform <4.13.65 Red Hat / OpenShift		Container Platform <4.13.65
Red Hat OpenShift Container Platform <4.16.58 Red Hat / OpenShift		Container Platform <4.16.58
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—

References

88 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://access.redhat.com/errata/RHSA-2026:0338	external
https://access.redhat.com/errata/RHSA-2026:0327	external
https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2026-…	external
https://alas.aws.amazon.com/AL2/ALAS2ECS-2026-094.html	external
https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAV…	external
https://access.redhat.com/errata/RHSA-2026:0715	external
https://access.redhat.com/errata/RHSA-2026:0715	external
https://lists.opensuse.org/archives/list/security…	external
https://access.redhat.com/errata/RHSA-2026:1004	external
https://access.redhat.com/errata/RHSA-2026:1555	external
https://access.redhat.com/errata/RHSA-2026:1062	external
https://access.redhat.com/errata/RHSA-2026:1577	external
https://access.redhat.com/errata/RHSA-2026:1556	external
https://access.redhat.com/errata/RHSA-2026:1552	external
https://access.redhat.com/errata/RHSA-2026:1549	external
https://access.redhat.com/errata/RHSA-2026:1549	external
https://access.redhat.com/errata/RHSA-2026:2130	external
https://access.redhat.com/errata/RHSA-2026:2129	external
https://access.redhat.com/errata/RHSA-2026:2119	external
https://access.redhat.com/errata/RHSA-2026:2120	external
https://access.redhat.com/errata/RHSA-2026:2079	external
https://access.redhat.com/errata/RHSA-2026:2078	external
https://access.redhat.com/errata/RHSA-2026:2520	external
https://access.redhat.com/errata/RHSA-2026:2519	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://bodhi.fedoraproject.org/updates/FEDORA-20…	external
https://access.redhat.com/errata/RHSA-2026:2066	external
https://access.redhat.com/errata/RHSA-2026:2688	external
https://access.redhat.com/errata/RHSA-2026:2686	external
https://access.redhat.com/errata/RHSA-2026:2065	external
https://access.redhat.com/errata/RHSA-2026:2685	external
https://access.redhat.com/errata/RHSA-2026:2687	external
https://access.redhat.com/errata/RHSA-2026:2652	external
https://access.redhat.com/errata/RHSA-2026:2673	external
https://access.redhat.com/errata/RHSA-2026:2662	external
https://access.redhat.com/errata/RHSA-2026:2661	external
https://access.redhat.com/errata/RHSA-2026:2658	external
https://access.redhat.com/errata/RHSA-2026:2651	external
https://access.redhat.com/errata/RHSA-2026:2672	external
https://access.redhat.com/errata/RHSA-2026:2670	external
https://access.redhat.com/errata/RHSA-2026:2746	external
https://access.redhat.com/errata/RHSA-2026:3099	external
https://access.redhat.com/errata/RHSA-2026:2978	external
https://access.redhat.com/errata/RHSA-2026:2977	external
https://access.redhat.com/errata/RHSA-2026:3428	external
https://access.redhat.com/errata/RHSA-2026:2973	external
https://access.redhat.com/errata/RHSA-2026:2990	external
https://access.redhat.com/errata/RHSA-2026:2991	external
https://errata.build.resf.org/RLSA-2026:3428	external
http://linux.oracle.com/errata/ELSA-2026-3428.html	external
https://access.redhat.com/errata/RHSA-2026:3419	external
https://access.redhat.com/errata/RHSA-2026:3418	external
https://access.redhat.com/errata/RHSA-2026:3422	external
https://access.redhat.com/errata/RHSA-2026:3423	external
https://access.redhat.com/errata/RHSA-2026:3855	external
https://access.redhat.com/errata/RHSA-2026:3871	external
https://access.redhat.com/errata/RHSA-2026:3855	external
https://access.redhat.com/errata/RHSA-2026:3870	external
https://access.redhat.com/errata/RHSA-2026:4532	external
https://access.redhat.com/errata/RHSA-2026:4533	external
https://access.redhat.com/errata/RHSA-2026:4693	external
https://access.redhat.com/errata/RHSA-2026:4510	external
https://access.redhat.com/errata/RHSA-2026:4418	external
https://access.redhat.com/errata/RHSA-2026:4423	external
https://access.redhat.com/errata/RHSA-2026:4424	external
https://access.redhat.com/errata/RHSA-2026:4482	external
https://access.redhat.com/errata/RHSA-2026:4434	external
https://access.redhat.com/errata/RHSA-2026:4483	external
https://access.redhat.com/errata/RHSA-2026:5108	external
https://access.redhat.com/errata/RHSA-2026:5107	external
https://access.redhat.com/errata/RHSA-2026:6191	external
https://access.redhat.com/errata/RHSA-2026:5907	external
https://access.redhat.com/errata/RHSA-2026:6911	external
https://access.redhat.com/errata/RHSA-2026:8325	external
https://access.redhat.com/errata/RHSA-2026:7238	external
https://access.redhat.com/errata/RHSA-2026:7253	external
https://access.redhat.com/errata/RHSA-2026:10703	external
https://access.redhat.com/errata/RHSA-2026:7885	external
https://access.redhat.com/errata/RHSA-2026:11804	external
https://access.redhat.com/errata/RHSA-2026:13971	external
https://access.redhat.com/errata/RHSA-2026:12282	external
https://access.redhat.com/errata/RHSA-2026:12273	external
https://access.redhat.com/errata/RHSA-2026:15941	external
https://access.redhat.com/errata/RHSA-2026:15940	external
https://access.redhat.com/errata/RHSA-2026:14774	external
https://access.redhat.com/errata/RHSA-2026:17598	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Sonstiges\n- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0114 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0114.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0114 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0114"
      },
      {
        "category": "external",
        "summary": "Red Hat Product Security Advisory vom 2026-01-14",
        "url": "https://access.redhat.com/errata/RHSA-2026:0338"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:0327 vom 2026-01-15",
        "url": "https://access.redhat.com/errata/RHSA-2026:0327"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2DOCKER-2026-095 vom 2026-01-22",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2DOCKER-2026-095.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2ECS-2026-094 vom 2026-01-22",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2ECS-2026-094.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2NITRO-ENCLAVES-2026-085 vom 2026-01-22",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2NITRO-ENCLAVES-2026-085.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:0701 vom 2026-01-22",
        "url": "https://access.redhat.com/errata/RHSA-2026:0715"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:0715 vom 2026-01-22",
        "url": "https://access.redhat.com/errata/RHSA-2026:0715"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:0292-1 vom 2026-01-26",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/HECX3C2HIUBSJGNRJZZ72TS3YM5F7IVS/"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1004 vom 2026-01-30",
        "url": "https://access.redhat.com/errata/RHSA-2026:1004"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1555 vom 2026-02-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:1555"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1062 vom 2026-02-03",
        "url": "https://access.redhat.com/errata/RHSA-2026:1062"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1577 vom 2026-02-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:1577"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1556 vom 2026-02-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:1556"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1552 vom 2026-02-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:1552"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1540 vom 2026-02-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:1549"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:1549 vom 2026-02-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:1549"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2130 vom 2026-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2026:2130"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2129 vom 2026-02-10",
        "url": "https://access.redhat.com/errata/RHSA-2026:2129"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2119 vom 2026-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:2119"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2120 vom 2026-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:2120"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2079 vom 2026-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:2079"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2078 vom 2026-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:2078"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2520 vom 2026-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:2520"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2519 vom 2026-02-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:2519"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-439AF2CC95 vom 2026-02-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-439af2cc95"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2026-ADBFEBD04B vom 2026-02-11",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2026-adbfebd04b"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2066 vom 2026-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:2066"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2688 vom 2026-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:2688"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2686 vom 2026-02-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:2686"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2065 vom 2026-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:2065"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2685 vom 2026-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:2685"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2687 vom 2026-02-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:2687"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2652 vom 2026-02-17",
        "url": "https://access.redhat.com/errata/RHSA-2026:2652"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2673 vom 2026-02-17",
        "url": "https://access.redhat.com/errata/RHSA-2026:2673"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2662 vom 2026-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:2662"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2661 vom 2026-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:2661"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2658 vom 2026-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:2658"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2651 vom 2026-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:2651"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2672 vom 2026-02-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:2672"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2670 vom 2026-02-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:2670"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2746 vom 2026-02-23",
        "url": "https://access.redhat.com/errata/RHSA-2026:2746"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3099 vom 2026-02-23",
        "url": "https://access.redhat.com/errata/RHSA-2026:3099"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2978 vom 2026-02-25",
        "url": "https://access.redhat.com/errata/RHSA-2026:2978"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2977 vom 2026-02-25",
        "url": "https://access.redhat.com/errata/RHSA-2026:2977"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3428 vom 2026-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:3428"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2973 vom 2026-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:2973"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2990 vom 2026-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:2990"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:2991 vom 2026-02-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:2991"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:3428 vom 2026-02-27",
        "url": "https://errata.build.resf.org/RLSA-2026:3428"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-3428 vom 2026-02-28",
        "url": "http://linux.oracle.com/errata/ELSA-2026-3428.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3419 vom 2026-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:3419"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3418 vom 2026-03-04",
        "url": "https://access.redhat.com/errata/RHSA-2026:3418"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3422 vom 2026-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:3422"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3423 vom 2026-03-05",
        "url": "https://access.redhat.com/errata/RHSA-2026:3423"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3855 vom 2026-03-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:3855"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3871 vom 2026-03-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:3871"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3851 vom 2026-03-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:3855"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:3870 vom 2026-03-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:3870"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4532 vom 2026-03-12",
        "url": "https://access.redhat.com/errata/RHSA-2026:4532"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4533 vom 2026-03-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:4533"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4693 vom 2026-03-17",
        "url": "https://access.redhat.com/errata/RHSA-2026:4693"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4510 vom 2026-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:4510"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4418 vom 2026-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:4418"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4423 vom 2026-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:4423"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4424 vom 2026-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:4424"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4482 vom 2026-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:4482"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4434 vom 2026-03-18",
        "url": "https://access.redhat.com/errata/RHSA-2026:4434"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:4483 vom 2026-03-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:4483"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:5108 vom 2026-03-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:5108"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:5107 vom 2026-03-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:5107"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:6191 vom 2026-03-30",
        "url": "https://access.redhat.com/errata/RHSA-2026:6191"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:5907 vom 2026-04-01",
        "url": "https://access.redhat.com/errata/RHSA-2026:5907"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:6911 vom 2026-04-07",
        "url": "https://access.redhat.com/errata/RHSA-2026:6911"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:8325 vom 2026-04-15",
        "url": "https://access.redhat.com/errata/RHSA-2026:8325"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:7238 vom 2026-04-16",
        "url": "https://access.redhat.com/errata/RHSA-2026:7238"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:7253 vom 2026-04-16",
        "url": "https://access.redhat.com/errata/RHSA-2026:7253"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:10703 vom 2026-04-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:10703"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:7885 vom 2026-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2026:7885"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:11804 vom 2026-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2026:11804"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13971 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:13971"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:12282 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:12282"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:12273 vom 2026-05-09",
        "url": "https://access.redhat.com/errata/RHSA-2026:12273"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:15941 vom 2026-05-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:15941"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:15940 vom 2026-05-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:15940"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14774 vom 2026-05-13",
        "url": "https://access.redhat.com/errata/RHSA-2026:14774"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:17598 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:17598"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat OpenShift (github.com/sirupsen/logrus): Schwachstelle erm\u00f6glicht Denial of Service",
    "tracking": {
      "current_release_date": "2026-05-20T22:00:00.000+00:00",
      "generator": {
        "date": "2026-05-21T07:57:42.129+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0114",
      "initial_release_date": "2026-01-14T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-01-14T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-01-15T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-01-21T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-01-22T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-01-26T23:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-01-29T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-03T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-05T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-09T23:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-10T23:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat und Fedora aufgenommen"
        },
        {
          "date": "2026-02-11T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-12T23:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-17T23:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-18T23:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-22T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-23T23:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-25T23:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-02-26T23:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-01T23:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-03-03T23:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-04T23:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-10T23:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-11T23:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-12T23:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-16T23:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-18T23:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-25T23:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-30T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-03-31T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-07T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-15T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-26T22:00:00.000+00:00",
          "number": "32",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-28T22:00:00.000+00:00",
          "number": "33",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-04-29T22:00:00.000+00:00",
          "number": "34",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-05T22:00:00.000+00:00",
          "number": "35",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-06T22:00:00.000+00:00",
          "number": "36",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-10T22:00:00.000+00:00",
          "number": "37",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-14T22:00:00.000+00:00",
          "number": "38",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-20T22:00:00.000+00:00",
          "number": "39",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "39"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Red Hat Enterprise Linux",
            "product": {
              "name": "Red Hat Enterprise Linux",
              "product_id": "67646",
              "product_identification_helper": {
                "cpe": "cpe:/o:redhat:enterprise_linux:-"
              }
            }
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c4.18.31",
                "product": {
                  "name": "Red Hat OpenShift \u003c4.18.31",
                  "product_id": "T050005"
                }
              },
              {
                "category": "product_version",
                "name": "4.18.31",
                "product": {
                  "name": "Red Hat OpenShift 4.18.31",
                  "product_id": "T050005-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:4.18.31"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.21.1",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.21.1",
                  "product_id": "T050641"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.21.1",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.21.1",
                  "product_id": "T050641-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.21.1"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.12.85",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.12.85",
                  "product_id": "T050875"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.12.85",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.12.85",
                  "product_id": "T050875-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.12.85"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.19.24",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.19.24",
                  "product_id": "T050950"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.19.24",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.19.24",
                  "product_id": "T050950-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.19.24"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.17.49",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.17.49",
                  "product_id": "T050951"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.17.49",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.17.49",
                  "product_id": "T050951-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.17.49"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.57",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.57",
                  "product_id": "T050973"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.57",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.57",
                  "product_id": "T050973-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.57"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.18.34",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.18.34",
                  "product_id": "T051178"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.18.34",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.18.34",
                  "product_id": "T051178-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.18.34"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.14.62",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.14.62",
                  "product_id": "T051279"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.14.62",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.14.62",
                  "product_id": "T051279-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.62"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.20.16",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.20.16",
                  "product_id": "T051609"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.20.16",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.20.16",
                  "product_id": "T051609-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.20.16"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.17.51",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.17.51",
                  "product_id": "T051805"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.17.51",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.17.51",
                  "product_id": "T051805-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.17.51"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.19.26",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.19.26",
                  "product_id": "T051880"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.19.26",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.19.26",
                  "product_id": "T051880-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.19.26"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.15.62",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.15.62",
                  "product_id": "T051881"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.15.62",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15.62",
                  "product_id": "T051881-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.15.62"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.16.58",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.16.58",
                  "product_id": "T051889"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.16.58",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.16.58",
                  "product_id": "T051889-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.16.58"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.14.63",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.14.63",
                  "product_id": "T052152"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.14.63",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.14.63",
                  "product_id": "T052152-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.14.63"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.13.65",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.13.65",
                  "product_id": "T052914"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.13.65",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.13.65",
                  "product_id": "T052914-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.13.65"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.15.64",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.15.64",
                  "product_id": "T054018"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.15.64",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.15.64",
                  "product_id": "T054018-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.15.64"
                  }
                }
              },
              {
                "category": "product_version_range",
                "name": "Container Platform \u003c4.17.54",
                "product": {
                  "name": "Red Hat OpenShift Container Platform \u003c4.17.54",
                  "product_id": "T054403"
                }
              },
              {
                "category": "product_version",
                "name": "Container Platform 4.17.54",
                "product": {
                  "name": "Red Hat OpenShift Container Platform 4.17.54",
                  "product_id": "T054403-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:container_platform__4.17.54"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-65637",
      "product_status": {
        "known_affected": [
          "T052152",
          "67646",
          "T050950",
          "T050641",
          "T051279",
          "T050875",
          "T050005",
          "T050951",
          "T050973",
          "T054018",
          "T054403",
          "T004914",
          "T032255",
          "74185",
          "T051880",
          "T051178",
          "T051881",
          "T051609",
          "T051805",
          "T002207",
          "T052914",
          "T051889",
          "398363"
        ]
      },
      "release_date": "2026-01-14T23:00:00.000+00:00",
      "title": "CVE-2025-65637"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2025-65637 (GCVE-0-2025-65637)

RHSA-2026:7885

RHSA-2026:8325

WID-SEC-W-2026-0114

Tags

Sightings

Nomenclature