Redhat Hardened_images
22 CVEs affecting Redhat Hardened_images. Latest disclosed: 2026-05-26. Critical: 0, High: 9.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2026-0966 | High | 8.2 | 2026-03-26 | A flaw was found in libssh. The API function `ssh_get_hexa()` is vulnerable to a denial of service when processing zero-length input. This can be exploited rem… |
| CVE-2026-48864 | High | 7.8 | 2026-05-26 | A flaw was found in libsolv. This heap buffer overflow occurs during the decompression of attacker-controlled compressed data within `.solv` files due to insuf… |
| CVE-2026-6846 | High | 7.8 | 2026-04-22 | A flaw was found in binutils. A heap-buffer-overflow vulnerability exists when processing a specially crafted XCOFF (Extended Common Object File Format) object… |
| CVE-2025-14821 | High | 7.8 | 2026-04-07 | A flaw was found in libssh. This vulnerability allows local man-in-the-middle attacks, security downgrades of SSH (Secure Shell) connections, and manipulation… |
| CVE-2026-4775 | High | 7.8 | 2026-03-24 | A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by pr… |
| CVE-2026-1584 | High | 7.5 | 2026-04-09 | A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invali… |
| CVE-2026-5121 | High | 7.5 | 2026-03-30 | A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can… |
| CVE-2026-4424 | High | 7.5 | 2026-03-19 | A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sl… |
| CVE-2026-42010 | High | 7.1 | 2026-05-07 | A flaw was found in gnutls. Servers configured with RSA-PSK (Rivest–Shamir–Adleman – Pre-Shared Key) wrongfully matched usernames containing a NUL character wi… |
| CVE-2026-9149 | Medium | 6.5 | 2026-05-21 | A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size v… |
| CVE-2026-9150 | Medium | 6.5 | 2026-05-20 | A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian… |
| CVE-2026-3833 | Medium | 6.5 | 2026-04-30 | A flaw was found in gnutls. This vulnerability occurs because gnutls performs case-sensitive comparisons of `nameConstraints` labels, specifically for `dNSName… |
| CVE-2026-6732 | Medium | 6.5 | 2026-04-23 | A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that inclu… |
| CVE-2026-4426 | Medium | 6.5 | 2026-03-19 | A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field (`pz_log… |
| CVE-2026-0964 | Medium | 6.3 | 2026-03-26 | A malicious SCP server can send unexpected paths that could make the client application override local files outside of working directory. This could be misuse… |
| CVE-2026-6844 | Medium | 5.5 | 2026-04-22 | A flaw was found in the `readelf` utility of the binutils package. A local attacker could exploit two Denial of Service (DoS) vulnerabilities by providing a sp… |
| CVE-2026-5745 | Medium | 5.5 | 2026-04-07 | A flaw was found in libarchive. A NULL pointer dereference vulnerability exists in the ACL parsing logic, specifically within the archive_acl_from_text_nl() fu… |
| CVE-2026-2100 | Medium | 5.3 | 2026-03-26 | A flaw was found in p11-kit. A remote attacker could exploit this vulnerability by calling the C_DeriveKey function on a remote token with specific IBM kyber o… |
| CVE-2026-6845 | Medium | 5.0 | 2026-04-22 | A flaw was found in binutils, specifically within the `readelf` utility. This vulnerability allows a local attacker to cause a Denial of Service (DoS) by trick… |
| CVE-2026-2625 | Medium | 4.0 | 2026-04-03 | A flaw was found in rust-rpm-sequoia. An attacker can exploit this vulnerability by providing a specially crafted Red Hat Package Manager (RPM) file. During th… |