1004 matches found
Moderate: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: freetype: freetype-2.14.3-1.hum1 aarch64, x8664 freetype-demos-2.14.3-1.hum1 aarch64, x8664 freetype-devel-2.14.3-1.hum1 aarch64, x8664 freetype-2.14.3-1.hum1.src src...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: qt6: qt6-filesystem-6.11.0-1.hum1 aarch64, x8664 qt6-rpm-macros-6.11.0-1.hum1 noarch qt6-srpm-macros-6.11.0-1.hum1 noarch qt6-6.11.0-1.hum1.src src...
Important: python3.11
Issue Overview: The webbrowser.open API would accept leading dashes in the URL which could be handled as command line options for certain web browsers. New behavior rejects leading dashes. Users are recommended to sanitize URLs prior to passing to webbrowser.open. CVE-2026-4519 Affected Packages:...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: yarnpkg: yarnpkg-1.22.22-18.1.hum1 aarch64, x8664 yarnpkg-1.22.22-18.1.hum1.src src...
Low: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: uriparser: mingw32-uriparser-1.0.0-2.1.hum1 noarch mingw64-uriparser-1.0.0-2.1.hum1 noarch uriparser-1.0.0-2.1.hum1 aarch64, x8664 uriparser-devel-1.0.0-2.1.hum1 aarch64, x8664...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: qt5: qt5-filesystem-5.15.18-2.1.hum1 aarch64, x8664 qt5-rpm-macros-5.15.18-2.1.hum1 noarch qt5-srpm-macros-5.15.18-2.1.hum1 noarch qt5-5.15.18-2.1.hum1.src src...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: php: php-8.5.5-1.1.hum1 aarch64, x8664 php-bcmath-8.5.5-1.1.hum1 aarch64, x8664 php-cli-8.5.5-1.1.hum1 aarch64, x8664 php-common-8.5.5-1.1.hum1 aarch64, x8664 php-dba-8.5.5-1.1.hum1 aarch64, x866...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: libtiff: libtiff-4.7.1-2.1.hum1 aarch64, x8664 libtiff-devel-4.7.1-2.1.hum1 aarch64, x8664 libtiff-static-4.7.1-2.1.hum1 aarch64, x8664 libtiff-tools-4.7.1-2.1.hum1 aarch64, x8664...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: python3.13: python3.13-3.13.13-1.hum1 aarch64, x8664 python3.13-debug-3.13.13-1.hum1 aarch64, x8664 python3.13-devel-3.13.13-1.hum1 aarch64, x8664 python3.13-freethreading-3.13.13-1.hum1 aarch64,...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: bind: bind-9.18.48-1.1.hum1 aarch64, x8664 bind-chroot-9.18.48-1.1.hum1 aarch64, x8664 bind-devel-9.18.48-1.1.hum1 aarch64, x8664 bind-dnssec-utils-9.18.48-1.1.hum1 aarch64, x8664...
GHSA-XX5W-CVP6-JV83 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access
Impact Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch compiler -Ccompiler=winch. By default, Wasmtime uses its Cranelift backend, not...
Important: Red Hat Security Advisory: Red Hat Hardened Images RPMs bug fix and enhancement update
An update for Red Hat Hardened Images RPMs is now available. This update includes the following RPMs: nodejs20: nodejs20-20.20.0-7.1.hum1 aarch64, x8664 nodejs20-bin-20.20.0-7.1.hum1 noarch nodejs20-devel-20.20.0-7.1.hum1 aarch64, x8664 nodejs20-docs-20.20.0-7.1.hum1 noarch...
CVE-2026-34971
A flaw was found in Wasmtime, a runtime for WebAssembly. On aarch64 systems, a miscompilation bug in Wasmtime's Cranelift backend can be exploited by a guest WebAssembly module. This vulnerability allows the module to bypass memory bounds checks, enabling arbitrary read and write operations on th...
Wasmtime: Miscompiled guest heap access enables sandbox escape on aarch64 Cranelift
Impact Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a guest WebAssembly module this can create a situation where there are two diverging...
DEBIAN-CVE-2026-34971
Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...
UBUNTU-CVE-2026-34971
Wasmtime is a runtime for WebAssembly. From 32.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime's Cranelift compilation backend contains a bug on aarch64 when performing a certain shape of heap accesses which means that the wrong address is accessed. When combined with explicit bounds checks a...
CVE-2026-34987 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...
CVE-2026-34987 Wasmtime with Winch compiler backend on aarch64 may allow a sandbox-escaping memory access
Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch baseline non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability requires use of the Winch...
CVE-2026-34987
Wasmtime (WebAssembly runtime) with the Winch baseline compiler backend on aarch64 is vulnerable. From 25.0.0 up to but not including 36.0.7, 42.0.2, and 43.0.1, using -Ccompiler=winch may allow a guest Wasm to access host memory outside the linear-memory sandbox. The aarch64 variant has an obser...
CVE-2026-34971
Wasmtime’s Cranelift backend on the aarch64 path contains a miscompile of a specific load pattern (load(iadd(base, ishl(index, amt)))) that can diverge between bounds checking and loading, enabling an arbitrary read/write of host memory and thus a sandbox escape for guest WebAssembly. Affected ra...