Red Hat Security Advisory: A Subscription Management tool for finding and reporting Red Hat product usage
🔗 CVE IDs covered (9)
📋 Description
- CVE-2021-23337 — nodejs-lodash: command injection via template
- CVE-2025-9820 — gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function
- CVE-2025-14831 — gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification
- CVE-2025-15366 — cpython: IMAP command injection in user-controlled commands
- CVE-2025-15367 — cpython: POP3 command injection in user-controlled commands
- CVE-2026-1299 — cpython: email header injection due to unquoted newlines
- CVE-2026-4111 — libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive
- CVE-2026-4519 — python: Python: Command-line option injection in webbrowser.open() via crafted URLs
- CVE-2026-29063 — immutable-js: Immutable.js: Arbitrary code execution via Prototype Pollution
🔗 References (13)
- self: https://access.redhat.com/errata/RHSA-2026:7329
- external: https://access.redhat.com/security/cve/CVE-2021-23337
- external: https://access.redhat.com/security/cve/CVE-2025-14831
- external: https://access.redhat.com/security/cve/CVE-2025-15366
- external: https://access.redhat.com/security/cve/CVE-2025-15367
- external: https://access.redhat.com/security/cve/CVE-2025-9820
- external: https://access.redhat.com/security/cve/CVE-2026-1299
- external: https://access.redhat.com/security/cve/CVE-2026-29063
- external: https://access.redhat.com/security/cve/CVE-2026-4111
- external: https://access.redhat.com/security/cve/CVE-2026-4519
- external: https://access.redhat.com/security/updates/classification/
- external: https://docs.redhat.com/en/documentation/subscription_central/1-latest/#Discovery
- self: https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_7329.json