RHSA-2026:8747 | High | CVSS 8.8

Red Hat Security Advisory: Red Hat AI Inference Server 3.3.1 (ROCm)

Published: April 17, 2026
Last Modified: May 27, 2026

🔗 CVE IDs covered (16)

📋 Description

CVE-2023-40403 — libxslt: Processing web content may disclose sensitive information
CVE-2023-52356 — libtiff: Segment fault in libtiff in TIFFReadRGBATileExt() leading to denial of service
CVE-2025-13836 — cpython: Excessive read buffering DoS in http.client
CVE-2025-14831 — gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification
CVE-2025-15366 — cpython: IMAP command injection in user-controlled commands
CVE-2025-15367 — cpython: POP3 command injection in user-controlled commands
CVE-2026-0994 — python: protobuf: Protobuf: Denial of Service due to recursion depth bypass
CVE-2026-1299 — cpython: email header injection due to unquoted newlines
CVE-2026-2447 — libvpx: Heap buffer overflow in libvpx
CVE-2026-4111 — libarchive: Infinite Loop Denial of Service in RAR5 Decompression via archive_read_data() in libarchive
CVE-2026-4519 — python: Python: Command-line option injection in webbrowser.open() via crafted URLs
CVE-2026-22695 — libpng: libpng: Denial of service and information disclosure via heap buffer over-read in png_image_finish_read
CVE-2026-22801 — libpng: libpng: Information disclosure and denial of service via integer truncation in simplified write API
CVE-2026-25646 — libpng: LIBPNG has a heap buffer overflow in png_set_quantize
CVE-2026-27893 — vllm: vLLM: Remote code execution due to hardcoded trust_remote_code setting
CVE-2026-32597 — pyjwt: PyJWT accepts unknown crit header extensions (RFC 7515 §4.1.11 MUST violation)

🔗 References (20)