[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-RHSA-2026:22714":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-06T02:55:33.997Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":36,"duplicates":37,"related":38,"reserved_at":9,"published_at":49,"modified_at":50,"state":9,"summary":51,"references_raw":53,"kevs":374,"epss":9,"epss_history":375,"metrics":376,"affected":383},"RHSA-2026:22714","Red Hat Security Advisory: osbuild-composer security update",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34],{"_key":15},"CVE-2025-61726",{"_key":17},"CVE-2025-61728",{"_key":19},"CVE-2025-68121",{"_key":21},"CVE-2026-4427",{"_key":23},"CVE-2026-25679",{"_key":25},"CVE-2026-27137",{"_key":27},"CVE-2026-32282",{"_key":29},"CVE-2026-32283",{"_key":31},"CVE-2026-32286",{"_key":33},"CVE-2026-33186",{"_key":35},"CVE-2026-34986",[],[],[39,40,41,43,44,45,46,47,48],{"_key":17},{"_key":31},{"_key":42},"GO-2026-4518",{"_key":29},{"_key":15},{"_key":19},{"_key":27},{"_key":25},{"_key":23},"2026-06-03T10:20:19Z","2026-06-05T10:06:14Z",{"cisa_kev":52,"cisa_ransomware":52,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[54,60,65,70,74,78,82,86,90,94,98,102,106,110,114,118,122,126,130,134,138,142,146,150,154,158,162,166,170,174,178,182,186,190,194,198,202,206,210,214,218,222,226,230,234,238,242,246,250,254,258,262,266,270,274,278,282,286,290,294,298,302,306,310,314,318,322,326,330,334,338,342,346,350,354,358,362,366,370],{"url":55,"sources":56,"tags":58},"https://access.redhat.com/errata/RHSA-2026:22714",[57],"osv_red_hat",[59],"Advisory",{"url":61,"sources":62,"tags":63},"https://access.redhat.com/security/updates/classification/#important",[57],[64],"ARTICLE",{"url":66,"sources":67,"tags":68},"https://bugzilla.redhat.com/show_bug.cgi?id=2434431",[57],[69],"REPORT",{"url":71,"sources":72,"tags":73},"https://bugzilla.redhat.com/show_bug.cgi?id=2434432",[57],[69],{"url":75,"sources":76,"tags":77},"https://bugzilla.redhat.com/show_bug.cgi?id=2437111",[57],[69],{"url":79,"sources":80,"tags":81},"https://bugzilla.redhat.com/show_bug.cgi?id=2445345",[57],[69],{"url":83,"sources":84,"tags":85},"https://bugzilla.redhat.com/show_bug.cgi?id=2445356",[57],[69],{"url":87,"sources":88,"tags":89},"https://bugzilla.redhat.com/show_bug.cgi?id=2448626",[57],[69],{"url":91,"sources":92,"tags":93},"https://bugzilla.redhat.com/show_bug.cgi?id=2449833",[57],[69],{"url":95,"sources":96,"tags":97},"https://bugzilla.redhat.com/show_bug.cgi?id=2451847",[57],[69],{"url":99,"sources":100,"tags":101},"https://bugzilla.redhat.com/show_bug.cgi?id=2455470",[57],[69],{"url":103,"sources":104,"tags":105},"https://bugzilla.redhat.com/show_bug.cgi?id=2456336",[57],[69],{"url":107,"sources":108,"tags":109},"https://bugzilla.redhat.com/show_bug.cgi?id=2456338",[57],[69],{"url":111,"sources":112,"tags":113},"https://issues.redhat.com/browse/RHEL-179251",[57],[64],{"url":115,"sources":116,"tags":117},"https://issues.redhat.com/browse/RHEL-180018",[57],[64],{"url":119,"sources":120,"tags":121},"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_22714.json",[57],[59],{"url":123,"sources":124,"tags":125},"https://access.redhat.com/security/cve/CVE-2025-61726",[57],[69],{"url":127,"sources":128,"tags":129},"https://www.cve.org/CVERecord?id=CVE-2025-61726",[57],[59],{"url":131,"sources":132,"tags":133},"https://nvd.nist.gov/vuln/detail/CVE-2025-61726",[57],[59],{"url":135,"sources":136,"tags":137},"https://go.dev/cl/736712",[57],[64],{"url":139,"sources":140,"tags":141},"https://go.dev/issue/77101",[57],[64],{"url":143,"sources":144,"tags":145},"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",[57],[64],{"url":147,"sources":148,"tags":149},"https://pkg.go.dev/vuln/GO-2026-4341",[57],[59],{"url":151,"sources":152,"tags":153},"https://access.redhat.com/security/cve/CVE-2025-61728",[57],[69],{"url":155,"sources":156,"tags":157},"https://www.cve.org/CVERecord?id=CVE-2025-61728",[57],[59],{"url":159,"sources":160,"tags":161},"https://nvd.nist.gov/vuln/detail/CVE-2025-61728",[57],[59],{"url":163,"sources":164,"tags":165},"https://go.dev/cl/736713",[57],[64],{"url":167,"sources":168,"tags":169},"https://go.dev/issue/77102",[57],[64],{"url":171,"sources":172,"tags":173},"https://pkg.go.dev/vuln/GO-2026-4342",[57],[59],{"url":175,"sources":176,"tags":177},"https://access.redhat.com/security/cve/CVE-2025-68121",[57],[69],{"url":179,"sources":180,"tags":181},"https://www.cve.org/CVERecord?id=CVE-2025-68121",[57],[59],{"url":183,"sources":184,"tags":185},"https://nvd.nist.gov/vuln/detail/CVE-2025-68121",[57],[59],{"url":187,"sources":188,"tags":189},"https://go.dev/cl/737700",[57],[64],{"url":191,"sources":192,"tags":193},"https://go.dev/issue/77217",[57],[64],{"url":195,"sources":196,"tags":197},"https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",[57],[64],{"url":199,"sources":200,"tags":201},"https://pkg.go.dev/vuln/GO-2026-4337",[57],[59],{"url":203,"sources":204,"tags":205},"https://access.redhat.com/security/cve/CVE-2026-4427",[57],[69],{"url":207,"sources":208,"tags":209},"https://www.cve.org/CVERecord?id=CVE-2026-4427",[57],[59],{"url":211,"sources":212,"tags":213},"https://access.redhat.com/security/cve/CVE-2026-25679",[57],[69],{"url":215,"sources":216,"tags":217},"https://www.cve.org/CVERecord?id=CVE-2026-25679",[57],[59],{"url":219,"sources":220,"tags":221},"https://nvd.nist.gov/vuln/detail/CVE-2026-25679",[57],[59],{"url":223,"sources":224,"tags":225},"https://go.dev/cl/752180",[57],[64],{"url":227,"sources":228,"tags":229},"https://go.dev/issue/77578",[57],[64],{"url":231,"sources":232,"tags":233},"https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",[57],[64],{"url":235,"sources":236,"tags":237},"https://pkg.go.dev/vuln/GO-2026-4601",[57],[59],{"url":239,"sources":240,"tags":241},"https://access.redhat.com/security/cve/CVE-2026-27137",[57],[69],{"url":243,"sources":244,"tags":245},"https://www.cve.org/CVERecord?id=CVE-2026-27137",[57],[59],{"url":247,"sources":248,"tags":249},"https://nvd.nist.gov/vuln/detail/CVE-2026-27137",[57],[59],{"url":251,"sources":252,"tags":253},"https://go.dev/cl/752182",[57],[64],{"url":255,"sources":256,"tags":257},"https://go.dev/issue/77952",[57],[64],{"url":259,"sources":260,"tags":261},"https://pkg.go.dev/vuln/GO-2026-4599",[57],[59],{"url":263,"sources":264,"tags":265},"https://access.redhat.com/security/cve/CVE-2026-32282",[57],[69],{"url":267,"sources":268,"tags":269},"https://www.cve.org/CVERecord?id=CVE-2026-32282",[57],[59],{"url":271,"sources":272,"tags":273},"https://nvd.nist.gov/vuln/detail/CVE-2026-32282",[57],[59],{"url":275,"sources":276,"tags":277},"https://go.dev/cl/763761",[57],[64],{"url":279,"sources":280,"tags":281},"https://go.dev/issue/78293",[57],[64],{"url":283,"sources":284,"tags":285},"https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",[57],[64],{"url":287,"sources":288,"tags":289},"https://pkg.go.dev/vuln/GO-2026-4864",[57],[59],{"url":291,"sources":292,"tags":293},"https://access.redhat.com/security/cve/CVE-2026-32283",[57],[69],{"url":295,"sources":296,"tags":297},"https://www.cve.org/CVERecord?id=CVE-2026-32283",[57],[59],{"url":299,"sources":300,"tags":301},"https://nvd.nist.gov/vuln/detail/CVE-2026-32283",[57],[59],{"url":303,"sources":304,"tags":305},"https://go.dev/cl/763767",[57],[64],{"url":307,"sources":308,"tags":309},"https://go.dev/issue/78334",[57],[64],{"url":311,"sources":312,"tags":313},"https://pkg.go.dev/vuln/GO-2026-4870",[57],[59],{"url":315,"sources":316,"tags":317},"https://access.redhat.com/security/cve/CVE-2026-32286",[57],[69],{"url":319,"sources":320,"tags":321},"https://www.cve.org/CVERecord?id=CVE-2026-32286",[57],[59],{"url":323,"sources":324,"tags":325},"https://nvd.nist.gov/vuln/detail/CVE-2026-32286",[57],[59],{"url":327,"sources":328,"tags":329},"https://github.com/golang/vulndb/issues/4518",[57],[64],{"url":331,"sources":332,"tags":333},"https://github.com/jackc/pgx/issues/2507",[57],[64],{"url":335,"sources":336,"tags":337},"https://pkg.go.dev/vuln/GO-2026-4518",[57],[59],{"url":339,"sources":340,"tags":341},"https://access.redhat.com/security/cve/CVE-2026-33186",[57],[69],{"url":343,"sources":344,"tags":345},"https://www.cve.org/CVERecord?id=CVE-2026-33186",[57],[59],{"url":347,"sources":348,"tags":349},"https://nvd.nist.gov/vuln/detail/CVE-2026-33186",[57],[59],{"url":351,"sources":352,"tags":353},"https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",[57],[64],{"url":355,"sources":356,"tags":357},"https://access.redhat.com/security/cve/CVE-2026-34986",[57],[69],{"url":359,"sources":360,"tags":361},"https://www.cve.org/CVERecord?id=CVE-2026-34986",[57],[59],{"url":363,"sources":364,"tags":365},"https://nvd.nist.gov/vuln/detail/CVE-2026-34986",[57],[59],{"url":367,"sources":368,"tags":369},"https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",[57],[64],{"url":371,"sources":372,"tags":373},"https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",[57],[64],[],[],[377],{"source":57,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":378,"cvss_v4_0":9},{"baseScore":379,"baseSeverity":9,"vectorString":380,"impactScore":381,"exploitabilityScore":382},9.1,"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",8.7,10,[384,396,400,404,408,412,416,420],{"ecosystem":385,"name":386,"vendor":387,"product":386,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":386,"source":9,"versions":389},"Red Hat","osbuild-composer","redhat","rpm",[390],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},"lt0:165_1_2_el9_8",true,"ecosystem","0:165.1-2.el9_8","excluding",{"ecosystem":385,"name":397,"vendor":387,"product":397,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":397,"source":9,"versions":398},"osbuild-composer-core",[399],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},{"ecosystem":385,"name":401,"vendor":387,"product":401,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":401,"source":9,"versions":402},"osbuild-composer-core-debuginfo",[403],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},{"ecosystem":385,"name":405,"vendor":387,"product":405,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":405,"source":9,"versions":406},"osbuild-composer-debuginfo",[407],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},{"ecosystem":385,"name":409,"vendor":387,"product":409,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":409,"source":9,"versions":410},"osbuild-composer-debugsource",[411],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},{"ecosystem":385,"name":413,"vendor":387,"product":413,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":413,"source":9,"versions":414},"osbuild-composer-tests-debuginfo",[415],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},{"ecosystem":385,"name":417,"vendor":387,"product":417,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":417,"source":9,"versions":418},"osbuild-composer-worker",[419],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9},{"ecosystem":385,"name":421,"vendor":387,"product":421,"cpe_part":9,"purl_type":388,"purl_namespace":387,"purl_name":421,"source":9,"versions":422},"osbuild-composer-worker-debuginfo",[423],{"version":391,"is_range":392,"range_type":393,"version_start":9,"version_start_type":9,"version_end":394,"version_end_type":395,"fixed_in":9}]