Red Hat Insights Proxy

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Red Hat Insights Proxy.

Recent Red Hat Insights Proxy Security Advisories

Advisory	Title	Published
RHSA-2026:2485	(RHSA-2026:2485) Insights proxy Container Image	February 10, 2026
RHSA-2025:22868	(RHSA-2025:22868) Insights proxy Container Image	December 8, 2025
RHSA-2025:20066	(RHSA-2025:20066) Insights proxy Container Image	November 10, 2025

By the Year

In 2026 there have been 0 vulnerabilities in Red Hat Insights Proxy. Last year, in 2025 Insights Proxy had 15 security vulnerabilities published. Right now, Insights Proxy is on track to have less security vulnerabilities in 2026 than it did last year.

Year	Vulnerabilities	Average Score
2026	0	0.00
2025	15	7.00

It may take a day or so for new Insights Proxy vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Insights Proxy Security Vulnerabilities

Heap Buffer Overread in util-linux setpwnam() (256-byte usernames)
CVE-2025-14104 6.1 - Medium - December 05, 2025

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Out-of-bounds Read

Glib Heap Buffer Overflow in g_escape_uri_string()
CVE-2025-13601 7.7 - High - November 26, 2025

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Integer Overflow or Wraparound

Linux-PAM pam_namespace LPE via Symlink Race
CVE-2025-8941 7.8 - High - August 13, 2025

A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020.

Directory traversal

GnuTLS NULL Deref in figure_common_ciphersuite()
CVE-2025-6395 6.5 - Medium - July 10, 2025

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

NULL Pointer Dereference

libxslt Heap Corruption via atype Flag Manipulation
CVE-2025-7425 7.8 - High - July 10, 2025

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.

Dangling pointer

GnuTLS certtool Heap OOB Null Write in Template Parsing – DoS
CVE-2025-32990 6.5 - Medium - July 10, 2025

A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.

Heap-based Buffer Overflow

GnuTLS Double-Free in SAN Export Logic (CVE-2025-32988)
CVE-2025-32988 6.5 - Medium - July 10, 2025

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.

Double-free

GnuTLS CT SCT Heap-Buffer-Overread (CVE-2025-32989)
CVE-2025-32989 5.3 - Medium - July 10, 2025

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.

Improper Certificate Validation

PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam
CVE-2025-6020 7.8 - High - June 17, 2025

A flaw was found in linux-pam. The module pam_namespace may use access user-controlled paths without proper protection, allowing local users to elevate their privileges to root via multiple symlink attacks and race conditions.

Directory traversal

UAF in libxml2 XPath Parsing via sch:name Path (CVE-2025-49794)
CVE-2025-49794 9.1 - Critical - June 16, 2025

A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.

Dangling pointer

Memory Corruption in libxml2 via sch:name -> DoS
CVE-2025-49796 9.1 - Critical - June 16, 2025

A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.

Out-of-bounds Read

Stack Overflow in libxml2 xmlBuildQName (CVE-2025-6021)
CVE-2025-6021 7.5 - High - June 12, 2025

A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.

Integer Overflow or Wraparound

Integer Overflow in libarchive RAR Reader Causes Double-Free
CVE-2025-5914 7.8 - High - June 09, 2025

A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.

Integer Overflow or Wraparound

systemd-coredump CRASH Race Enables SUID Dump Credential Leak
CVE-2025-4598 4.7 - Medium - May 30, 2025

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.

Signal Handler Race Condition

GLib GString Integer Overflow Leading to Buffer Underrun
CVE-2025-4373 4.8 - Medium - May 06, 2025

A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.

buffer underrun

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Insights Proxy or by Red Hat? Click the Watch button to subscribe.

Red Hat
Vendor

Red Hat Insights Proxy
Product

Red Hat Insights Proxy

Don't miss out!

Recent Red Hat Insights Proxy Security Advisories

By the Year

Recent Red Hat Insights Proxy Security Vulnerabilities

Heap Buffer Overread in util-linux setpwnam() (256-byte usernames) CVE-2025-14104 6.1 - Medium - December 05, 2025

Glib Heap Buffer Overflow in g_escape_uri_string() CVE-2025-13601 7.7 - High - November 26, 2025

Linux-PAM pam_namespace LPE via Symlink Race CVE-2025-8941 7.8 - High - August 13, 2025

GnuTLS NULL Deref in figure_common_ciphersuite() CVE-2025-6395 6.5 - Medium - July 10, 2025

libxslt Heap Corruption via atype Flag Manipulation CVE-2025-7425 7.8 - High - July 10, 2025

GnuTLS certtool Heap OOB Null Write in Template Parsing – DoS CVE-2025-32990 6.5 - Medium - July 10, 2025

GnuTLS Double-Free in SAN Export Logic (CVE-2025-32988) CVE-2025-32988 6.5 - Medium - July 10, 2025

GnuTLS CT SCT Heap-Buffer-Overread (CVE-2025-32989) CVE-2025-32989 5.3 - Medium - July 10, 2025

PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam CVE-2025-6020 7.8 - High - June 17, 2025

UAF in libxml2 XPath Parsing via sch:name Path (CVE-2025-49794) CVE-2025-49794 9.1 - Critical - June 16, 2025

Memory Corruption in libxml2 via sch:name -> DoS CVE-2025-49796 9.1 - Critical - June 16, 2025

Stack Overflow in libxml2 xmlBuildQName (CVE-2025-6021) CVE-2025-6021 7.5 - High - June 12, 2025

Integer Overflow in libarchive RAR Reader Causes Double-Free CVE-2025-5914 7.8 - High - June 09, 2025

systemd-coredump CRASH Race Enables SUID Dump Credential Leak CVE-2025-4598 4.7 - Medium - May 30, 2025

GLib GString Integer Overflow Leading to Buffer Underrun CVE-2025-4373 4.8 - Medium - May 06, 2025

Stay on top of Security Vulnerabilities

Red Hat Vendor

Red Hat Insights ProxyProduct

Heap Buffer Overread in util-linux setpwnam() (256-byte usernames)
CVE-2025-14104 6.1 - Medium - December 05, 2025

Glib Heap Buffer Overflow in g_escape_uri_string()
CVE-2025-13601 7.7 - High - November 26, 2025

Linux-PAM pam_namespace LPE via Symlink Race
CVE-2025-8941 7.8 - High - August 13, 2025

GnuTLS NULL Deref in figure_common_ciphersuite()
CVE-2025-6395 6.5 - Medium - July 10, 2025

libxslt Heap Corruption via atype Flag Manipulation
CVE-2025-7425 7.8 - High - July 10, 2025

GnuTLS certtool Heap OOB Null Write in Template Parsing – DoS
CVE-2025-32990 6.5 - Medium - July 10, 2025

GnuTLS Double-Free in SAN Export Logic (CVE-2025-32988)
CVE-2025-32988 6.5 - Medium - July 10, 2025

GnuTLS CT SCT Heap-Buffer-Overread (CVE-2025-32989)
CVE-2025-32989 5.3 - Medium - July 10, 2025

PAM Namespace Race: Local Priv Escal via Symlinks in linux-pam
CVE-2025-6020 7.8 - High - June 17, 2025

UAF in libxml2 XPath Parsing via sch:name Path (CVE-2025-49794)
CVE-2025-49794 9.1 - Critical - June 16, 2025

Memory Corruption in libxml2 via sch:name -> DoS
CVE-2025-49796 9.1 - Critical - June 16, 2025

Stack Overflow in libxml2 xmlBuildQName (CVE-2025-6021)
CVE-2025-6021 7.5 - High - June 12, 2025

Integer Overflow in libarchive RAR Reader Causes Double-Free
CVE-2025-5914 7.8 - High - June 09, 2025

systemd-coredump CRASH Race Enables SUID Dump Credential Leak
CVE-2025-4598 4.7 - Medium - May 30, 2025

GLib GString Integer Overflow Leading to Buffer Underrun
CVE-2025-4373 4.8 - Medium - May 06, 2025

Red Hat
Vendor

Red Hat Insights Proxy
Product