Red Hat Rhui

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Red Hat Rhui.

Recent Red Hat Rhui Security Advisories

Advisory	Title	Published
RHSA-2026:10754	(RHSA-2026:10754) Important: RHUI 4.11.4 security update - python-pyOpenSSL	April 27, 2026
RHSA-2026:1485	(RHSA-2026:1485) Important: RHUI 4.11.3 security update - python-urllib3	January 28, 2026
RHSA-2025:1335	(RHSA-2025:1335) Important: RHUI 4.11 security, bugfix, and enhancement update	February 12, 2025
RHSA-2024:1878	(RHSA-2024:1878) Moderate: RHUI 4.8 Release - Security Updates, Bug Fixes, and Enhancements	April 18, 2024
RHSA-2023:4591	(RHSA-2023:4591) Moderate: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements	August 9, 2023
RHSA-2023:2101	(RHSA-2023:2101) Moderate: RHUI 4.4.0 release - Security Fixes, Bug Fixes, and Enhancements Update	May 3, 2023
RHSA-2023:0742	(RHSA-2023:0742) Low: RHUI 4.3.0 release - Security Fixes, Bug Fixes, and Enhancements Update	February 13, 2023
RHSA-2022:5602	(RHSA-2022:5602) Important: RHUI 4.1.1 release - Security Fixes and Enhancement Update	July 19, 2022

By the Year

In 2026 there have been 23 vulnerabilities in Red Hat Rhui with an average score of 6.7 out of ten. Last year, in 2025 Rhui had 4 security vulnerabilities published. That is, 19 more vulnerabilities have already been reported in 2026 as compared to last year. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.19.

Year	Vulnerabilities	Average Score
2026	23	6.66
2025	4	6.48
2024	4	7.50

It may take a day or so for new Rhui vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Red Hat Rhui Security Vulnerabilities

GnuTLS UAF in pkcs11_token_set_pin on NULL SO PIN
CVE-2026-42014 6.6 - Medium - June 16, 2026

A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path.

Dangling pointer

GnuTLS PKCS#7 Padding Timing SideChannel Info Disclosure
CVE-2026-5419 3.7 - Low - June 01, 2026

A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.

Observable Timing Discrepancy

GnuTLS PKCS#12 Bag Off-by-One Buffer Overwrite
CVE-2026-42015 5.3 - Medium - May 26, 2026

A flaw was found in gnutls. An off-by-one error exists in the PKCS#12 bag element bounds check. This vulnerability allows an remote attacker to write past the internal array of a PKCS#12 bag when appending to a bag that already contains 32 elements. This memory corruption could lead to a denial of service (DoS) or potentially other unspecified impacts.

off-by-five

GnuTLS SAN Size ForkCheck Bypass
CVE-2026-42013 8.2 - High - May 26, 2026

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

Improper Certificate Validation

GNUTLS Certificate Validation Bypass via URI/SRV SAN Fallback
CVE-2026-42012 7.1 - High - May 26, 2026

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.

Improper Certificate Validation

Libgnutls RSA PKCS#11 Key Exchange Overread Info Disclosure
CVE-2026-5260 8.2 - High - May 26, 2026

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.

Buffer Over-read

libsolv Heap Buffer Overflow via .solv Decompression
CVE-2026-48864 7.8 - High - May 26, 2026

A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insufficient input validation. An attacker can provide a specially crafted `.solv` file, which, when processed by a vulnerable application, can lead to out-of-bounds memory access. This could result in information disclosure, alteration of program execution, or a denial of service.

Memory Corruption

libsolv Heap B.O. in repo_add_solv via negative .solv size
CVE-2026-9149 6.5 - Medium - May 20, 2026

A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. This leads to an undersized memory allocation and a subsequent out-of-bounds write. An attacker could exploit this to cause a denial of service (DoS).

Heap-based Buffer Overflow

Red Hat libsolv Stack Buffer Overflow in Debian METADATA Parser
CVE-2026-9150 6.5 - Medium - May 20, 2026

A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could exploit this by providing malicious SHA384 or SHA512 checksum tags, leading to memory corruption and a denial of service (DoS) in the affected system.

Stack Overflow

GnuTLS DTLS DoS via Duplicate Seq Number Reordering
CVE-2026-42009 7.5 - High - May 18, 2026

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.

Undefined Behavior for Input to API

GNUTLS Name Constraint Bypass (CVE-2026-42011)
CVE-2026-42011 7.4 - High - May 07, 2026

A flaw was found in gnutls. This vulnerability occurs because permitted name constraints were incorrectly ignored when previous Certificate Authorities (CAs) only had excluded name constraints. A remote attacker could exploit this to bypass critical name constraint checks during certificate validation. This bypass could lead to the acceptance of invalid certificates, potentially enabling spoofing or man-in-the-middle attacks against affected systems.

Improper Certificate Validation

GNUTLS RSA-PSK Username NUL Bypass Auth
CVE-2026-42010 7.1 - High - May 07, 2026

A flaw was found in gnutls. Servers configured with RSA-PSK (RivestShamirAdleman Pre-Shared Key) wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass. This vulnerability allows an attacker to gain unauthorized access by circumventing the authentication process.

Improper Null Termination

Heap Buffer Overflow in GnuTLS DTLS Fragment Reassembly (CVE-2026-33846)
CVE-2026-33846 7.5 - High - May 04, 2026

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in merge_handshake_packet() where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the message_length field remains consistent across all fragments of the same logical message. An attacker can exploit this by sending crafted DTLS fragments with conflicting message_length values, causing the implementation to allocate a buffer based on a smaller initial fragment and subsequently write beyond its bounds using larger, inconsistent fragments. Because the merge operation does not enforce proper bounds checking against the allocated buffer size, this results in an out-of-bounds write on the heap. The vulnerability is remotely exploitable without authentication via the DTLS handshake path and can lead to application crashes or potential memory corruption.

length manipulation

OOB Read via DTLS Fragment Underflow in GnuTLS
CVE-2026-33845 7.5 - High - April 30, 2026

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

Integer underflow

GnuTLS OCSP Multi-Record Logic Error Allows Revoked Cert Acceptance
CVE-2026-3832 3.7 - Low - April 30, 2026

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.

Incorrect Behavior Order: Early Validation

GnuTLS SAN case-sensitivity flaw can bypass nameConstraints
CVE-2026-3833 6.5 - Medium - April 30, 2026

A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName` (DNS) or `rfc822Name` (email) constraints within `excludedSubtrees` or `permittedSubtrees`. A remote attacker can exploit this by crafting a leaf certificate with casing differences in the Subject Alternative Name (SAN), leading to a policy bypass where a certificate that should be rejected is instead accepted. This could result in unauthorized access or information disclosure.

Improper Handling of Case Sensitivity

libcap TOCTOU in cap_set_file() leads to privilege escalation
CVE-2026-4878 6.7 - Medium - April 09, 2026

A flaw was found in libcap. A local unprivileged user can exploit a Time-of-check-to-time-of-use (TOCTOU) race condition in the `cap_set_file()` function. This allows an attacker with write access to a parent directory to redirect file capability updates to an attacker-controlled file. By doing so, capabilities can be injected into or stripped from unintended executables, leading to privilege escalation.

TOCTTOU

Integer Overflow in libarchive ZISofs Block Pointer on 32bit
CVE-2026-5121 9.8 - Critical - March 30, 2026

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for arbitrary code execution on the affected system.

Integer Overflow or Wraparound

CVE-2026-2100: Uninitialized Return in p11-kit C_DeriveKey DS
CVE-2026-2100 5.3 - Medium - March 26, 2026

A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber or IBM btc derive mechanism parameters set to NULL. This could lead to the RPC-client attempting to return an uninitialized value, potentially resulting in a NULL dereference or undefined behavior. This issue may cause an application level denial of service or other unpredictable system states.

Access of Uninitialized Pointer

libarchive Heap OOB Read via Craft RAR Archive
CVE-2026-4424 7.5 - High - March 19, 2026

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication or user interaction.

Out-of-bounds Read

Infinite Loop in libarchive RAR5 Decompression causing DoS
CVE-2026-4111 7.5 - High - March 13, 2026

A flaw was identified in the RAR5 archive decompression logic of the libarchive library, specifically within the archive_read_data() processing path. When a specially crafted RAR5 archive is processed, the decompression routine may enter a state where internal logic prevents forward progress. This condition results in an infinite loop that continuously consumes CPU resources. Because the archive passes checksum validation and appears structurally valid, affected applications cannot detect the issue before processing. This can allow attackers to cause persistent denial-of-service conditions in services that automatically process archives.

Infinite Loop

GnuTLS DoS via oversized SANs in certificates
CVE-2025-14831 5.3 - Medium - February 09, 2026

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

Inefficient Algorithmic Complexity

GnuTLS Stack Buffer Overflow in PKCS#11 Init Allows DoS/Code Exec
CVE-2025-9820 4 - Medium - January 26, 2026

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.

Stack Overflow

glib GIO escape_byte_string overflow causes heap buffer DoS
CVE-2025-14512 6.5 - Medium - December 11, 2025

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service (DoS) via an integer overflow in GLib's GIO (GLib Input/Output) escape_byte_string() function when processing malicious file or remote filesystem attribute values.

Integer Overflow or Wraparound

GLib GVariant Buffer Underflow Heap Corruption (CVE-2025-14087)
CVE-2025-14087 5.6 - Medium - December 10, 2025

A flaw was found in GLib (Gnome Lib). This vulnerability allows a remote attacker to cause heap corruption, leading to a denial of service or potential code execution via a buffer-underflow in the GVariant parser when processing maliciously crafted input strings.

Integer Overflow or Wraparound

Heap Buffer Overread in util-linux setpwnam() (256-byte usernames)
CVE-2025-14104 6.1 - Medium - December 05, 2025

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Out-of-bounds Read

Glib Heap Buffer Overflow in g_escape_uri_string()
CVE-2025-13601 7.7 - High - November 26, 2025

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

Integer Overflow or Wraparound

Auth Bypass in Pulpcore v3.0+ via Gunicorn <=22.0 + mod_proxy
CVE-2024-7923 - September 04, 2024

An authentication bypass vulnerability has been identified in Pulpcore when deployed with Gunicorn versions prior to 22.0, due to the puppet-pulpcore configuration. This issue arises from Apache's mod_proxy not properly unsetting headers because of restrictions on underscores in HTTP headers, allowing authentication through a malformed header. This flaw impacts all active Satellite deployments (6.13, 6.14 and 6.15) which are using Pulpcore version 3.0+ and could potentially enable unauthorized users to gain administrative access.

authentification

Pulp RBAC flaw causes improper perms via AutoAddObjPermsMixin (CVE-2024-7143)
CVE-2024-7143 - August 07, 2024

A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing.

Insecure Inherited Permissions

python-cryptography: Remote Decryption of TLS RSA Exchanges
CVE-2023-50782 7.5 - High - February 05, 2024

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

Side Channel Attack

Remote Decrypt in TLS RSA via M2Crypto: CVE-2023-50781
CVE-2023-50781 7.5 - High - February 05, 2024

A flaw was found in m2crypto. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data.

Side Channel Attack

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Red Hat Rhui or by Red Hat? Click the Watch button to subscribe.

Red Hat
Vendor

Red Hat Rhui
Product

Red Hat Rhui

Don't miss out!

Recent Red Hat Rhui Security Advisories

By the Year

Recent Red Hat Rhui Security Vulnerabilities

GnuTLS UAF in pkcs11_token_set_pin on NULL SO PIN CVE-2026-42014 6.6 - Medium - June 16, 2026

GnuTLS PKCS#7 Padding Timing SideChannel Info Disclosure CVE-2026-5419 3.7 - Low - June 01, 2026

GnuTLS PKCS#12 Bag Off-by-One Buffer Overwrite CVE-2026-42015 5.3 - Medium - May 26, 2026

GnuTLS SAN Size ForkCheck Bypass CVE-2026-42013 8.2 - High - May 26, 2026

GNUTLS Certificate Validation Bypass via URI/SRV SAN Fallback CVE-2026-42012 7.1 - High - May 26, 2026

Libgnutls RSA PKCS#11 Key Exchange Overread Info Disclosure CVE-2026-5260 8.2 - High - May 26, 2026

libsolv Heap Buffer Overflow via .solv Decompression CVE-2026-48864 7.8 - High - May 26, 2026

libsolv Heap B.O. in repo_add_solv via negative .solv size CVE-2026-9149 6.5 - Medium - May 20, 2026

Red Hat libsolv Stack Buffer Overflow in Debian METADATA Parser CVE-2026-9150 6.5 - Medium - May 20, 2026

GnuTLS DTLS DoS via Duplicate Seq Number Reordering CVE-2026-42009 7.5 - High - May 18, 2026

GNUTLS Name Constraint Bypass (CVE-2026-42011) CVE-2026-42011 7.4 - High - May 07, 2026

GNUTLS RSA-PSK Username NUL Bypass Auth CVE-2026-42010 7.1 - High - May 07, 2026

Heap Buffer Overflow in GnuTLS DTLS Fragment Reassembly (CVE-2026-33846) CVE-2026-33846 7.5 - High - May 04, 2026

OOB Read via DTLS Fragment Underflow in GnuTLS CVE-2026-33845 7.5 - High - April 30, 2026

GnuTLS OCSP Multi-Record Logic Error Allows Revoked Cert Acceptance CVE-2026-3832 3.7 - Low - April 30, 2026

GnuTLS SAN case-sensitivity flaw can bypass nameConstraints CVE-2026-3833 6.5 - Medium - April 30, 2026

libcap TOCTOU in cap_set_file() leads to privilege escalation CVE-2026-4878 6.7 - Medium - April 09, 2026

Integer Overflow in libarchive ZISofs Block Pointer on 32bit CVE-2026-5121 9.8 - Critical - March 30, 2026

CVE-2026-2100: Uninitialized Return in p11-kit C_DeriveKey DS CVE-2026-2100 5.3 - Medium - March 26, 2026

libarchive Heap OOB Read via Craft RAR Archive CVE-2026-4424 7.5 - High - March 19, 2026

Infinite Loop in libarchive RAR5 Decompression causing DoS CVE-2026-4111 7.5 - High - March 13, 2026

GnuTLS DoS via oversized SANs in certificates CVE-2025-14831 5.3 - Medium - February 09, 2026

GnuTLS Stack Buffer Overflow in PKCS#11 Init Allows DoS/Code Exec CVE-2025-9820 4 - Medium - January 26, 2026

glib GIO escape_byte_string overflow causes heap buffer DoS CVE-2025-14512 6.5 - Medium - December 11, 2025

GLib GVariant Buffer Underflow Heap Corruption (CVE-2025-14087) CVE-2025-14087 5.6 - Medium - December 10, 2025

Heap Buffer Overread in util-linux setpwnam() (256-byte usernames) CVE-2025-14104 6.1 - Medium - December 05, 2025

Glib Heap Buffer Overflow in g_escape_uri_string() CVE-2025-13601 7.7 - High - November 26, 2025

Auth Bypass in Pulpcore v3.0+ via Gunicorn <=22.0 + mod_proxy CVE-2024-7923 - September 04, 2024

Pulp RBAC flaw causes improper perms via AutoAddObjPermsMixin (CVE-2024-7143) CVE-2024-7143 - August 07, 2024

python-cryptography: Remote Decryption of TLS RSA Exchanges CVE-2023-50782 7.5 - High - February 05, 2024

Remote Decrypt in TLS RSA via M2Crypto: CVE-2023-50781 CVE-2023-50781 7.5 - High - February 05, 2024

Stay on top of Security Vulnerabilities

Red Hat Vendor

Red Hat RhuiProduct

GnuTLS UAF in pkcs11_token_set_pin on NULL SO PIN
CVE-2026-42014 6.6 - Medium - June 16, 2026

GnuTLS PKCS#7 Padding Timing SideChannel Info Disclosure
CVE-2026-5419 3.7 - Low - June 01, 2026

GnuTLS PKCS#12 Bag Off-by-One Buffer Overwrite
CVE-2026-42015 5.3 - Medium - May 26, 2026

GnuTLS SAN Size ForkCheck Bypass
CVE-2026-42013 8.2 - High - May 26, 2026

GNUTLS Certificate Validation Bypass via URI/SRV SAN Fallback
CVE-2026-42012 7.1 - High - May 26, 2026

Libgnutls RSA PKCS#11 Key Exchange Overread Info Disclosure
CVE-2026-5260 8.2 - High - May 26, 2026

libsolv Heap Buffer Overflow via .solv Decompression
CVE-2026-48864 7.8 - High - May 26, 2026

libsolv Heap B.O. in repo_add_solv via negative .solv size
CVE-2026-9149 6.5 - Medium - May 20, 2026

Red Hat libsolv Stack Buffer Overflow in Debian METADATA Parser
CVE-2026-9150 6.5 - Medium - May 20, 2026

GnuTLS DTLS DoS via Duplicate Seq Number Reordering
CVE-2026-42009 7.5 - High - May 18, 2026

GNUTLS Name Constraint Bypass (CVE-2026-42011)
CVE-2026-42011 7.4 - High - May 07, 2026

GNUTLS RSA-PSK Username NUL Bypass Auth
CVE-2026-42010 7.1 - High - May 07, 2026

Heap Buffer Overflow in GnuTLS DTLS Fragment Reassembly (CVE-2026-33846)
CVE-2026-33846 7.5 - High - May 04, 2026

OOB Read via DTLS Fragment Underflow in GnuTLS
CVE-2026-33845 7.5 - High - April 30, 2026

GnuTLS OCSP Multi-Record Logic Error Allows Revoked Cert Acceptance
CVE-2026-3832 3.7 - Low - April 30, 2026

GnuTLS SAN case-sensitivity flaw can bypass nameConstraints
CVE-2026-3833 6.5 - Medium - April 30, 2026

libcap TOCTOU in cap_set_file() leads to privilege escalation
CVE-2026-4878 6.7 - Medium - April 09, 2026

Integer Overflow in libarchive ZISofs Block Pointer on 32bit
CVE-2026-5121 9.8 - Critical - March 30, 2026

CVE-2026-2100: Uninitialized Return in p11-kit C_DeriveKey DS
CVE-2026-2100 5.3 - Medium - March 26, 2026

libarchive Heap OOB Read via Craft RAR Archive
CVE-2026-4424 7.5 - High - March 19, 2026

Infinite Loop in libarchive RAR5 Decompression causing DoS
CVE-2026-4111 7.5 - High - March 13, 2026

GnuTLS DoS via oversized SANs in certificates
CVE-2025-14831 5.3 - Medium - February 09, 2026

GnuTLS Stack Buffer Overflow in PKCS#11 Init Allows DoS/Code Exec
CVE-2025-9820 4 - Medium - January 26, 2026

glib GIO escape_byte_string overflow causes heap buffer DoS
CVE-2025-14512 6.5 - Medium - December 11, 2025

GLib GVariant Buffer Underflow Heap Corruption (CVE-2025-14087)
CVE-2025-14087 5.6 - Medium - December 10, 2025

Heap Buffer Overread in util-linux setpwnam() (256-byte usernames)
CVE-2025-14104 6.1 - Medium - December 05, 2025

Glib Heap Buffer Overflow in g_escape_uri_string()
CVE-2025-13601 7.7 - High - November 26, 2025

Auth Bypass in Pulpcore v3.0+ via Gunicorn <=22.0 + mod_proxy
CVE-2024-7923 - September 04, 2024

Pulp RBAC flaw causes improper perms via AutoAddObjPermsMixin (CVE-2024-7143)
CVE-2024-7143 - August 07, 2024

python-cryptography: Remote Decryption of TLS RSA Exchanges
CVE-2023-50782 7.5 - High - February 05, 2024

Remote Decrypt in TLS RSA via M2Crypto: CVE-2023-50781
CVE-2023-50781 7.5 - High - February 05, 2024

Red Hat
Vendor

Red Hat Rhui
Product