{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-50181", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-06-13T19:17:51.726Z", "datePublished": "2025-06-19T01:08:00.340Z", "dateUpdated": "2025-06-23T16:46:13.820Z"}, "containers": {"cna": {"title": "urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation", "problemTypes": [{"descriptions": [{"cweId": "CWE-601", "lang": "en", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}}], "references": [{"name": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v"}, {"name": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857", "tags": ["x_refsource_MISC"], "url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857"}], "affected": [{"vendor": "urllib3", "product": "urllib3", "versions": [{"version": "< 2.5.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-19T01:08:00.340Z"}, "descriptions": [{"lang": "en", "value": "urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0."}], "source": {"advisory": "GHSA-pq67-6m6q-mj2v", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-23T16:45:50.408081Z", "id": "CVE-2025-50181", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-23T16:46:13.820Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-50181", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-23T16:45:50.408081Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-23T16:46:05.279Z"}}], "cna": {"title": "urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation", "source": {"advisory": "GHSA-pq67-6m6q-mj2v", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "urllib3", "product": "urllib3", "versions": [{"status": "affected", "version": "< 2.5.0"}]}], "references": [{"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v", "name": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857", "name": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-601", "description": "CWE-601: URL Redirection to Untrusted Site ('Open Redirect')"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-19T01:08:00.340Z"}}}, "cveMetadata": {"cveId": "CVE-2025-50181", "state": "PUBLISHED", "dateUpdated": "2025-06-23T16:46:13.820Z", "dateReserved": "2025-06-13T19:17:51.726Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-06-19T01:08:00.340Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:python:urllib3:*:*:*:*:*:*:*:*", "matchCriteriaId": "45C2B2EF-1774-47F0-9480-F5CE26947B78", "versionEndExcluding": "2.5.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0."}, {"lang": "es", "value": "urllib3 es una librer\u00eda cliente HTTP intuitiva para Python. Antes de la versi\u00f3n 2.5.0, era posible deshabilitar las redirecciones para todas las solicitudes instanciando un PoolManager y especificando reintentos para deshabilitarlas. Por defecto, las solicitudes y los usuarios de botocore no se ven afectados. Una aplicaci\u00f3n que intente mitigar vulnerabilidades de SSRF o de redirecci\u00f3n abierta deshabilitando las redirecciones a nivel de PoolManager seguir\u00e1 siendo vulnerable. Este problema se ha corregido en la versi\u00f3n 2.5.0."}], "id": "CVE-2025-50181", "lastModified": "2025-09-18T13:51:10.240", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.6, "impactScore": 3.6, "source": "security-advisories@github.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-06-19T01:15:24.453", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857"}, {"source": "security-advisories@github.com", "tags": ["Vendor Advisory", "Exploit"], "url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-601"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{"bugzilla": {"description": "urllib3: urllib3 redirects are not disabled when retries are disabled on PoolManager instantiation", "id": "2373799", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373799"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-601", "details": ["urllib3 is a user-friendly HTTP client library for Python. Prior to 2.5.0, it is possible to disable redirects for all requests by instantiating a PoolManager and specifying retries in a way that disable redirects. By default, requests and botocore users are not affected. An application attempting to mitigate SSRF or open redirect vulnerabilities by disabling redirects at the PoolManager level will remain vulnerable. This issue has been patched in version 2.5.0.", "A flaw was found in urllib3. The `PoolManager` class allows redirects to be disabled by configuring retries in a specific manner, effectively bypassing intended HTTP redirection behavior. A network attacker can leverage this configuration to manipulate request flows and disrupt service. This bypass occurs through improper handling of retry parameters during PoolManager instantiation. This issue can reult in a denial of service or unintended data exposure due to altered request destinations."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2025-50181", "package_state": [{"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Out of support scope", "package_name": "rhai/assisted-installer-agent-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Out of support scope", "package_name": "rhai/assisted-installer-controller-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:assisted_installer:2", "fix_state": "Out of support scope", "package_name": "rhai/assisted-installer-rhel9", "product_name": "Assisted Installer for Red Hat OpenShift Container Platform 2"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Fix deferred", "package_name": "openshift-builds/openshift-builds-shared-resource-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:openshift_builds:1", "fix_state": "Fix deferred", "package_name": "openshift-builds/openshift-builds-shared-resource-webhook-rhel9", "product_name": "Builds for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "package_name": "cert-manager/cert-manager-istio-csr-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "package_name": "cert-manager/cert-manager-operator-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "package_name": "cert-manager/jetstack-cert-manager-acmesolver-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:cert_manager:1", "fix_state": "Fix deferred", "package_name": "cert-manager/jetstack-cert-manager-rhel9", "product_name": "cert-manager Operator for Red Hat OpenShift"}, {"cpe": "cpe:/a:redhat:confidential_compute_attestation:1", "fix_state": "Fix deferred", "package_name": "confidential-compute-attestation-tech-preview/trustee-rhel9", "product_name": "Confidential Compute Attestation"}, {"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2", "fix_state": "Fix deferred", "package_name": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle", "product_name": "Custom Metric Autoscaler operator for Red Hat Openshift"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-api-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-console-plugin-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-must-gather-rhel8", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-openstack-populator-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-ova-provider-server-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-populator-controller-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-rhel9-operator", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-rhv-populator-rhel8", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-validation-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-virt-v2v-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:migration_toolkit_virtualization:2", "fix_state": "Will not fix", "package_name": "mtv-candidate/mtv-vsphere-xcopy-volume-populator-rhel9", "product_name": "Migration Toolkit for Virtualization"}, {"cpe": "cpe:/a:redhat:multiarch_tuning_operator", "fix_state": "Fix deferred", "package_name": "multiarch-tuning/multiarch-tuning-rhel9-operator", "product_name": "Multiarch Tuning Operator"}, {"cpe": "cpe:/a:redhat:network_observ_optr:1", "fix_state": "Will not fix", "package_name": "network-observability/network-observability-cli-rhel9", "product_name": "Network Observability Operator"}, {"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Fix deferred", "package_name": "openshift-lightspeed/lightspeed-console-plugin-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:openshift_lightspeed", "fix_state": "Fix deferred", "package_name": "openshift-lightspeed/lightspeed-service-api-rhel9", "product_name": "OpenShift Lightspeed"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-chains-controller-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-cli-tkn-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-console-plugin-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Fix deferred", "package_name": "openshift-pipelines/pipelines-console-plugin-rhel9", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-controller-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-entrypoint-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-events-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-git-init-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-hub-api-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Fix deferred", "package_name": "openshift-pipelines/pipelines-hub-api-rhel9", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-hub-db-migration-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Fix deferred", "package_name": "openshift-pipelines/pipelines-hub-db-migration-rhel9", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-hub-ui-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Fix deferred", "package_name": "openshift-pipelines/pipelines-hub-ui-rhel9", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-manual-approval-gate-controller-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-manual-approval-gate-webhook-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-nop-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-operator-proxy-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-operator-webhook-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-pipelines-as-code-cli-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-pipelines-as-code-controller-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-pipelines-as-code-watcher-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-pipelines-as-code-webhook-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-resolvers-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-results-api-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-results-retention-policy-agent-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-results-watcher-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-rhel8-operator", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-sidecarlogresults-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-triggers-controller-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-triggers-core-interceptors-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-triggers-eventlistenersink-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-triggers-webhook-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-webhook-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:openshift_pipelines:1", "fix_state": "Will not fix", "package_name": "openshift-pipelines/pipelines-workingdirinit-rhel8", "product_name": "OpenShift Pipelines"}, {"cpe": "cpe:/a:redhat:serverless:1", "fix_state": "Fix deferred", "package_name": "openshift-serverless-1/kn-eventing-istio-controller-rhel8", "product_name": "OpenShift Serverless"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-cni-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-must-gather-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-pilot-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-proxyv2-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-rhel9-operator", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/istio-sail-operator-bundle", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-ossmc-rhel9", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:service_mesh:3", "fix_state": "Fix deferred", "package_name": "openshift-service-mesh/kiali-rhel9-operator", "product_name": "OpenShift Service Mesh 3"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Fix deferred", "package_name": "rhaiis/vllm-cuda-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ai_inference_server:3", "fix_state": "Fix deferred", "package_name": "rhaiis/vllm-rocm-rhel9", "product_name": "Red Hat AI Inference Server"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "aap-cloud-metrics-collector-container", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-24/de-minimal-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-24/de-minimal-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Will not fix", "package_name": "ansible-automation-platform-24/ee-dellemc-openmanage-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-24/ee-supported-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-24/ee-supported-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-24/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-24/platform-resource-runner-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/ansible-dev-tools-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/de-minimal-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/de-minimal-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/ee-supported-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/ee-supported-rhel9", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/lightspeed-chatbot-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/lightspeed-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "ansible-automation-platform-25/platform-resource-runner-rhel8", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:ansible_automation_platform:2", "fix_state": "Fix deferred", "package_name": "automation-controller", "product_name": "Red Hat Ansible Automation Platform 2"}, {"cpe": "cpe:/a:redhat:quarkus:3", "fix_state": "Not affected", "package_name": "mandrel-for-jdk-21-rhel8", "product_name": "Red Hat build of Quarkus Native builder"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Fix deferred", "package_name": "rhdh/rhdh-hub-rhel9", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:rhdh:1", "fix_state": "Will not fix", "package_name": "rhdh/rhdh-rhel9-operator", "product_name": "Red Hat Developer Hub"}, {"cpe": "cpe:/a:redhat:discovery:1", "fix_state": "Fix deferred", "package_name": "discovery/discovery-server-rhel9", "product_name": "Red Hat Discovery 1"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Fix deferred", "package_name": "python-pip", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10-0-els/rhel", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10-0-els/rhel-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/bootc-image-builder", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/buildah", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/cups", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10-eus/rhel-10.0-bootc", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10-eus/rhel-10.0-bootc-image-builder", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/fdo-manufacturing-server", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/fdo-owner-onboarding-server", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/fdo-rendezvous-server", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/fdo-serviceinfo-api-server", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/go-toolset", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/grafana", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/httpd-24", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/keylime-registrar", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/keylime-verifier", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/mariadb-1011", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/memcached", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/mysql-84", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/net-snmp", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/nginx-126", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/nodejs-22", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/nodejs-22-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/pcp", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/perl-540", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/php-83", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/podman", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/postgresql-16", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/python-312-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/realtime-tests", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/rhel-bootc", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/rteval", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/rtla", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/ruby-33", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/s2i-base", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/s2i-core", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/skopeo", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/squid", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/support-tools", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/tang", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/toolbox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/valkey-8", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "rhel10/varnish-7", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/buildah", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/go-toolset", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/httpd-24", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10-init", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10-micro", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/nginx-126", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/nodejs-22", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/nodejs-22-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/perl-540", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/php-83", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/podman", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/python-312-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/ruby-33", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/s2i-base", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/s2i-core", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/skopeo", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/toolbox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/ubi", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/ubi-init", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/ubi-micro", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "ubi10/ubi-minimal", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python-pip", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "python-s3transfer", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Fix deferred", "package_name": "resource-agents", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "fence-agents", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.11-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python3.12-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "python39:3.9/python3x-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Fix deferred", "package_name": "python-pip", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "fence-agents", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.11-pip", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python3.12-pip", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "python-pip", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9-6-els/rhel", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9-6-els/rhel-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "rhel9/bootc-image-builder", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/buildah", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/cups", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9-eus/rhel-9.6-bootc", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9-eus/rhel-9.6-bootc-image-builder", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/fdo-manufacturing-server", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/fdo-owner-onboarding-server", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/fdo-rendezvous-server", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/fdo-serviceinfo-api-server", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/gcc-toolset-13-toolchain", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/gcc-toolset-14-toolchain", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/go-toolset", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/grafana", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/httpd-24", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/keylime-registrar", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/keylime-verifier", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/mariadb-1011", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/mariadb-105", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/memcached", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/mysql-80", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/mysql-84", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/net-snmp", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nginx-120", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nginx-122", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nginx-124", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nginx-126", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nodejs-18", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nodejs-18-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nodejs-20", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nodejs-20-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nodejs-22", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/nodejs-22-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/pcp", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/perl-532", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/php-80", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/php-81", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/php-82", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/php-83", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/podman", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/postgresql-13", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/postgresql-15", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/postgresql-16", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/python-311", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/python-312", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/python-312-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/python-39", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/realtime-tests", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/redis-6", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/redis-7", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Fix deferred", "package_name": "rhel9/rhel-bootc", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/rsyslog", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/rteval", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/rtla", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/ruby-30", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/ruby-31", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/ruby-33", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/s2i-base", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/s2i-core", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/skopeo", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/squid", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/support-tools", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/tang", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/toolbox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "rhel9/varnish-6", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/buildah", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/go-toolset", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/httpd-24", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9-init", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9-micro", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nginx-120", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nginx-122", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nginx-124", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nginx-126", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nodejs-18", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nodejs-18-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nodejs-20", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nodejs-20-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nodejs-22", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/nodejs-22-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/perl-532", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/php-80", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/php-81", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/php-82", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/php-83", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/podman", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/python-311", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/python-312", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/python-312-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/python-39", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ruby-30", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ruby-31", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ruby-33", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/s2i-base", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/s2i-core", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/skopeo", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/toolbox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ubi", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ubi-init", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ubi-micro", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "ubi9/ubi-minimal", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-aws-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-azure-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-azure-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-gcp-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-intel-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/bootc-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/disk-image-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/docling-serve-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/gemma-2-9b-it", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/gemma-2-9b-it-fp8", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-3.1-8b-lab-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/granite-3.1-8b-lab-v2.1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-3.1-8b-starter-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/granite-3.1-8b-starter-v2.1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-7b-redhat-lab", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-7b-starter", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-8b-code-base", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-8b-code-instruct", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-8b-lab-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-8b-lab-v2-preview", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/granite-8b-starter-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/instructlab-amd-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/instructlab-intel-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/instructlab-nvidia-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/knowledge-adapter-v3", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/mixtral-8x7b-instruct-v0-1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-docling-layout", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-docling-tableformer", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-gemma-2-9b-it", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-gemma-2-9b-it-fp8", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-3-1-8b-lab-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-granite-3-1-8b-lab-v2", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-granite-3-1-8b-lab-v2-1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-3-1-8b-starter-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-granite-3-1-8b-starter-v2", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-granite-3-1-8b-starter-v2-1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-7b-redhat-lab", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-7b-starter", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-8b-code-base", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-8b-code-instruct", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-8b-lab-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-8b-lab-v2-preview", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/modelcar-granite-8b-starter-v1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-knowledge-adapter-v3", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-mixtral-8x7b-instruct-v0-1", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-prometheus-8x7b-v2-0", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-skills-adapter-v3", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/modelcar-snowflake-arctic-embed-l-v2.0", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/pathservice-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/prometheus-8x7b-v2-0", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Fix deferred", "package_name": "rhelai1/skills-adapter-v3", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:enterprise_linux_ai:1", "fix_state": "Will not fix", "package_name": "rhelai1/ui-rhel9", "product_name": "Red Hat Enterprise Linux AI (RHEL AI)"}, {"cpe": "cpe:/a:redhat:offline_knowledge_portal:1", "fix_state": "Fix deferred", "package_name": "offline-knowledge-portal/rhokp-rhel9", "product_name": "Red Hat Offline Knowledge Portal"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-dashboard-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-feast-operator-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-feature-server-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-kf-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-ml-pipelines-runtime-generic-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-modelmesh-runtime-adapter-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-model-registry-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-notebook-controller-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-trustyai-service-operator-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift_ai", "fix_state": "Fix deferred", "package_name": "rhoai/odh-trustyai-service-rhel8", "product_name": "Red Hat OpenShift AI (RHOAI)"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/microshift-bootc-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-ansible-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-ansible-rhel9-operator", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-olm-catalogd-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-olm-catalogd-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-olm-operator-controller-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ose-olm-operator-controller-rhel9", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "openshift4/ztp-site-generate-rhel8", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:quay:3", "fix_state": "Fix deferred", "package_name": "quay/quay-rhel8", "product_name": "Red Hat Quay 3"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Fix deferred", "package_name": "satellite/iop-advisor-engine-rhel9", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/client-server-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/rekor-backfill-redis-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/rekor-cli-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/rekor-search-ui-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/rekor-server-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/segment-reporting-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/trillian-database-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/trillian-redis-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/tuffer-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}, {"cpe": "cpe:/a:redhat:trusted_artifact_signer:1", "fix_state": "Will not fix", "package_name": "rhtas/tuftool-rhel9", "product_name": "Red Hat Trusted Artifact Signer"}], "public_date": "2025-06-19T01:08:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-50181\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-50181\nhttps://github.com/urllib3/urllib3/commit/f05b1329126d5be6de501f9d1e3e36738bc08857\nhttps://github.com/urllib3/urllib3/security/advisories/GHSA-pq67-6m6q-mj2v"], "statement": "A flaw was found in the urllib3 library where it could be tricked into disclosing the Proxy-Authorization header to a destination server when a CONNECT tunnel is used. An attacker can set up a malicious redirect to a crafted URL, which, when followed by the client application, will cause the Proxy-Authorization header to be sent to the attacker-controlled server. This leaks sensitive credentials for the proxy. The impact is primarily on confidentiality. While urllib3 is a ubiquitous component, the vulnerability requires a specific scenario where a user is connecting to a proxy that requires authentication and is redirected to a malicious endpoint. This lowers the exploitability compared to a direct, unauthenticated remote attack, thus, warranting a Moderate severity rating.", "threat_severity": "Moderate"}

{"created": "2025-06-20T13:24:21.518505+00:00", "updated": "2025-06-20T13:24:21.518574+00:00", "vendors": ["urllib3", "urllib3$PRODUCT$urllib3"]}