RHSA-2026:33313HighCVSS 8.1

Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage

Published
June 29, 2026
Last Modified
July 3, 2026

🔗 CVE IDs covered (13)

📋 Description

CVE-2024-34459 — libxml2: buffer over-read in xmlHTMLPrintFileContext in xmllint.c CVE-2025-5278 — coreutils: Heap Buffer Under-Read in GNU Coreutils sort via Key Specification CVE-2025-10911 — libxslt: use-after-free with key data stored cross-RVT CVE-2025-13151 — libtasn1: libtasn1: Denial of Service via stack-based buffer overflow in asn1_expend_octet_string CVE-2025-71319 — image-size: image-size: Denial of Service due to infinite loop when processing specially crafted images. CVE-2026-8643 — python-pip: Path traversal via malicious entry point name in pip wheel installation allows arbitrary file overwrite CVE-2026-9256 — nginx: ngx_http_rewrite_module: code execution and denial of service CVE-2026-31790 — openssl: openssl: Information Disclosure from Uninitialized Memory via Invalid RSA Public Key CVE-2026-33416 — libpng: libpng: Arbitrary code execution due to use-after-free vulnerability CVE-2026-33636 — libpng: libpng: Information disclosure and denial of service via out-of-bounds read/write in Neon palette expansion CVE-2026-41411 — vim: Vim: Command injection allows arbitrary code execution via malicious tag files CVE-2026-44431 — urllib3: urllib3: Information disclosure via cross-origin redirects forwarding sensitive headers CVE-2026-44432 — urllib3: urllib3: Denial of Service due to excessive HTTP response decompression

🔗 References (17)