Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
🔗 CVE IDs covered (13)
📋 Description
CVE-2024-34459 — libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c CVE-2025-5278 — coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-10911 — libxslt: use-after-free with key data stored cross-RVT CVE-2025-13151 — libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string CVE-2025-71319 — image-size: image-size: Denial of Service due to infinite loop when processing specially crafted images. CVE-2026-8643 — python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite CVE-2026-9256 — nginx: ngx_http_rewrite_module: code execution and denial of service CVE-2026-31790 — openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-33416 — libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33636 — libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-41411 — vim: Vim: Command injection allows arbitrary code execution via malicious tag files CVE-2026-44431 — urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers CVE-2026-44432 — urllib3: urllib3: Denial of Service due to excessive HTTP response decompression
🔗 References (17)
- selfhttps://access.redhat.com/errata/RHSA-2026:33313
- externalhttps://access.redhat.com/security/cve/CVE-2024-34459
- externalhttps://access.redhat.com/security/cve/CVE-2025-10911
- externalhttps://access.redhat.com/security/cve/CVE-2025-13151
- externalhttps://access.redhat.com/security/cve/CVE-2025-5278
- externalhttps://access.redhat.com/security/cve/CVE-2025-71319
- externalhttps://access.redhat.com/security/cve/CVE-2026-31790
- externalhttps://access.redhat.com/security/cve/CVE-2026-33416
- externalhttps://access.redhat.com/security/cve/CVE-2026-33636
- externalhttps://access.redhat.com/security/cve/CVE-2026-41411
- externalhttps://access.redhat.com/security/cve/CVE-2026-44431
- externalhttps://access.redhat.com/security/cve/CVE-2026-44432
- externalhttps://access.redhat.com/security/cve/CVE-2026-8643
- externalhttps://access.redhat.com/security/cve/CVE-2026-9256
- externalhttps://access.redhat.com/security/updates/classification/
- externalhttps://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_33313.json