{ "threat_severity" : "Important", "public_date" : "2025-07-15T13:44:00Z", "bugzilla" : { "description" : "sqlite: Integer Truncation in SQLite", "id" : "2380149", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2380149" }, "cvss3" : { "cvss3_base_score" : "7.7", "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L", "status" : "verified" }, "cwe" : "CWE-197", "details" : [ "There exists a vulnerability in SQLite versions before 3.50.2 where the number of aggregate terms could exceed the number of columns available. This could lead to a memory corruption issue. We recommend upgrading to version 3.50.2 or above.", "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior." ], "statement" : "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner—typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 10", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:11933", "cpe" : "cpe:/o:redhat:enterprise_linux:10.0", "package" : "sqlite-0:3.46.1-5.el10_0" }, { "product_name" : "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date" : "2025-07-31T00:00:00Z", "advisory" : "RHSA-2025:12349", "cpe" : "cpe:/o:redhat:rhel_els:7", "package" : "sqlite-0:3.7.17-9.el7_9.1" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:11803", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nodejs:22-8100020250717142920.6d880403" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:12010", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "sqlite-0:3.26.0-20.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-08-19T00:00:00Z", "advisory" : "RHSA-2025:14101", "cpe" : "cpe:/a:redhat:enterprise_linux:8::crb", "package" : "mingw-sqlite-0:3.26.0.0-2.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:12010", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "sqlite-0:3.26.0-20.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12901", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "sqlite-0:3.26.0-6.el8_2.1" }, { "product_name" : "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0078", "cpe" : "cpe:/a:redhat:rhel_aus:8.2", "package" : "spice-client-win-0:8.10-3.el8_2.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12905", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "sqlite-0:3.26.0-13.el8_4.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0077", "cpe" : "cpe:/a:redhat:rhel_aus:8.4", "package" : "spice-client-win-0:8.10-3.el8_4.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12905", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "sqlite-0:3.26.0-13.el8_4.1" }, { "product_name" : "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0077", "cpe" : "cpe:/a:redhat:rhel_eus_long_life:8.4", "package" : "spice-client-win-0:8.10-3.el8_4.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12904", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "sqlite-0:3.26.0-16.el8_6.3" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0076", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "spice-client-win-0:8.10-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12904", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "sqlite-0:3.26.0-16.el8_6.3" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0076", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "spice-client-win-0:8.10-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2025-08-05T00:00:00Z", "advisory" : "RHSA-2025:12904", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "sqlite-0:3.26.0-16.el8_6.3" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0076", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "spice-client-win-0:8.10-3.el8_6.1" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2025-08-04T00:00:00Z", "advisory" : "RHSA-2025:12521", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "sqlite-0:3.26.0-18.el8_8.2" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0001", "cpe" : "cpe:/a:redhat:rhel_tus:8.8", "package" : "spice-client-win-0:8.10-3.el8_8.1" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2025-08-04T00:00:00Z", "advisory" : "RHSA-2025:12521", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "sqlite-0:3.26.0-18.el8_8.2" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date" : "2026-01-05T00:00:00Z", "advisory" : "RHSA-2026:0001", "cpe" : "cpe:/a:redhat:rhel_e4s:8.8", "package" : "spice-client-win-0:8.10-3.el8_8.1" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:11802", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "nodejs:22-9060020250721113755.rhel9" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:11992", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "sqlite-0:3.34.1-8.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-11-11T00:00:00Z", "advisory" : "RHSA-2025:20936", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "sqlite-0:3.34.1-9.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-07-28T00:00:00Z", "advisory" : "RHSA-2025:11992", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "sqlite-0:3.34.1-8.el9_6" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-11-11T00:00:00Z", "advisory" : "RHSA-2025:20936", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "sqlite-0:3.34.1-9.el9_7" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-08-04T00:00:00Z", "advisory" : "RHSA-2025:12522", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "sqlite-0:3.34.1-5.el9_0.1" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date" : "2025-08-04T00:00:00Z", "advisory" : "RHSA-2025:12749", "cpe" : "cpe:/a:redhat:rhel_e4s:9.2", "package" : "sqlite-0:3.34.1-6.el9_2.2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-07-29T00:00:00Z", "advisory" : "RHSA-2025:12036", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "sqlite-0:3.34.1-7.el9_4.1" }, { "product_name" : "Red Hat OpenShift Container Platform 4.12", "release_date" : "2025-11-13T00:00:00Z", "advisory" : "RHSA-2025:19894", "cpe" : "cpe:/a:redhat:openshift:4.12::el8", "package" : "rhcos-412.86.202510291903-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.13", "release_date" : "2025-10-23T00:00:00Z", "advisory" : "RHSA-2025:18240", "cpe" : "cpe:/a:redhat:openshift:4.13::el9", "package" : "rhcos-413.92.202510150118-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.14", "release_date" : "2025-10-30T00:00:00Z", "advisory" : "RHSA-2025:19041", "cpe" : "cpe:/a:redhat:openshift:4.14::el9", "package" : "rhcos-414.92.202510211419-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.17", "release_date" : "2025-10-22T00:00:00Z", "advisory" : "RHSA-2025:18218", "cpe" : "cpe:/a:redhat:openshift:4.17::el9", "package" : "rhcos-417.94.202510112152-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.18", "release_date" : "2025-10-29T00:00:00Z", "advisory" : "RHSA-2025:19046", "cpe" : "cpe:/a:redhat:openshift:4.18::el9", "package" : "rhcos-418.94.202510230424-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.19", "release_date" : "2025-10-22T00:00:00Z", "advisory" : "RHSA-2025:18217", "cpe" : "cpe:/a:redhat:openshift:4.19::el9", "package" : "rhcos-4.19.9.6.202510140714-0" }, { "product_name" : "Red Hat OpenShift Container Platform 4.20", "release_date" : "2025-10-21T00:00:00Z", "advisory" : "RHSA-2025:15397", "cpe" : "cpe:/a:redhat:openshift:4.20::el9", "package" : "rhcos-4.20.9.6.202509251656-0" }, { "product_name" : "Red Hat Web Terminal 1.11 on RHEL 9", "release_date" : "2025-09-15T00:00:00Z", "advisory" : "RHSA-2025:15828", "cpe" : "cpe:/a:redhat:webterminal:1.11::el9", "package" : "web-terminal/web-terminal-rhel9-operator:1.11-19" }, { "product_name" : "Red Hat Web Terminal 1.11 on RHEL 9", "release_date" : "2025-09-15T00:00:00Z", "advisory" : "RHSA-2025:15828", "cpe" : "cpe:/a:redhat:webterminal:1.11::el9", "package" : "web-terminal/web-terminal-tooling-rhel9:1.11-8" }, { "product_name" : "Red Hat Web Terminal 1.12 on RHEL 9", "release_date" : "2025-09-15T00:00:00Z", "advisory" : "RHSA-2025:15827", "cpe" : "cpe:/a:redhat:webterminal:1.12::el9", "package" : "web-terminal/web-terminal-tooling-rhel9:1.12-4" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-data-index-ephemeral-rhel8:1.36.0-11" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-data-index-postgresql-rhel8:1.36.0-11" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-db-migrator-tool-rhel8:1.36.0-11" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-jobs-service-ephemeral-rhel8:1.36.0-10" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-jobs-service-postgresql-rhel8:1.36.0-10" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-kn-workflow-cli-artifacts-rhel8:1.36.0-4" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-management-console-rhel8:1.36.0-9" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-operator-bundle:1.36.0-12" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-rhel8-operator:1.36.0-18" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-swf-builder-rhel8:1.36.0-11" }, { "product_name" : "RHOSS-1.36-RHEL-8", "release_date" : "2026-01-22T00:00:00Z", "advisory" : "RHSA-2026:0934", "cpe" : "cpe:/a:redhat:openshift_serverless:1.36::el8", "package" : "openshift-serverless-1/logic-swf-devmode-rhel8:1.36.0-7" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-config-sync-rhel9:1.8.8-1" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-controller-podman-container-rhel9:1.8.8-1" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-controller-podman-rhel9:1.8.8-1" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-flow-collector-rhel9:1.8.8-1" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-operator-bundle:1.8.8-1" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-router-rhel9:2.7.6-5" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-service-controller-rhel9:1.8.8-1" }, { "product_name" : "Service Interconnect 1 for RHEL 9", "release_date" : "2026-04-02T00:00:00Z", "advisory" : "RHSA-2026:6481", "cpe" : "cpe:/a:redhat:service_interconnect:1::el9", "package" : "service-interconnect/skupper-site-controller-rhel9:1.8.8-1" }, { "product_name" : "cert-manager operator for Red Hat OpenShift 1.16", "release_date" : "2025-10-16T00:00:00Z", "advisory" : "RHSA-2025:18219", "cpe" : "cpe:/a:redhat:cert_manager:1.16::el9", "package" : "cert-manager/jetstack-cert-manager-rhel9:sha256:1abdfac084e7c86e7a93a19e5cf6b54db79b903bfb7474a42200f753b29eda4b" }, { "product_name" : "Compliance Operator 1", "release_date" : "2025-11-20T00:00:00Z", "advisory" : "RHSA-2025:21885", "cpe" : "cpe:/a:redhat:openshift_compliance_operator:1::el9", "package" : "compliance/openshift-compliance-content-rhel8:sha256:0642196267bef5bc68c20a5ee4d35c5dd139fbb00a905578a85cab5e220f445a" }, { "product_name" : "Compliance Operator 1", "release_date" : "2025-11-20T00:00:00Z", "advisory" : "RHSA-2025:21885", "cpe" : "cpe:/a:redhat:openshift_compliance_operator:1::el9", "package" : "compliance/openshift-compliance-must-gather-rhel8:sha256:4953a7ea865ff38a4fe19d5536d8062870c262733c640a2c7e4bd9e0bfb3d498" }, { "product_name" : "Compliance Operator 1", "release_date" : "2025-11-20T00:00:00Z", "advisory" : "RHSA-2025:21885", "cpe" : "cpe:/a:redhat:openshift_compliance_operator:1::el9", "package" : "compliance/openshift-compliance-openscap-rhel8:sha256:06ad8599c4b0170264e40a45b0126504c87c37f0832265c7ff6541d2385b2049" }, { "product_name" : "Compliance Operator 1", "release_date" : "2025-11-20T00:00:00Z", "advisory" : "RHSA-2025:21885", "cpe" : "cpe:/a:redhat:openshift_compliance_operator:1::el9", "package" : "compliance/openshift-compliance-rhel8-operator:sha256:0903a7a5c857d96c84fd022e5785514eff201047e2fdd5d6699d79f17440ef02" }, { "product_name" : "File Integrity Operator 1", "release_date" : "2025-11-21T00:00:00Z", "advisory" : "RHSA-2025:21913", "cpe" : "cpe:/a:redhat:openshift_file_integrity_operator:1::el9", "package" : "compliance/openshift-file-integrity-rhel8-operator:sha256:364d11af112a5b1d3f28c9ea8b7aac678e111b9c7fca0516d61036904f318605" }, { "product_name" : "Red Hat Advanced Cluster Security 4.7", "release_date" : "2025-12-16T00:00:00Z", "advisory" : "RHSA-2025:23248", "cpe" : "cpe:/a:redhat:advanced_cluster_security:4.7::el8", "package" : "advanced-cluster-security/rhacs-collector-rhel8:sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758" }, { "product_name" : "Red Hat AI Inference Server 3.2", "release_date" : "2025-12-10T00:00:00Z", "advisory" : "RHSA-2025:23078", "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9", "package" : "rhaiis/vllm-cuda-rhel9:sha256:bddcf7ab6d576572b6d60822c313ffebcd9869e4fde93e32ac327821f93cf32b" }, { "product_name" : "Red Hat AI Inference Server 3.2", "release_date" : "2025-12-10T00:00:00Z", "advisory" : "RHSA-2025:23079", "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9", "package" : "rhaiis/vllm-rocm-rhel9:sha256:7856bdb7ae0d643a7b9362c164d4d4fe3c0c7186f5fff73a7ae9835b3df52e57" }, { "product_name" : "Red Hat AI Inference Server 3.2", "release_date" : "2025-12-10T00:00:00Z", "advisory" : "RHSA-2025:23080", "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9", "package" : "rhaiis/model-opt-cuda-rhel9:sha256:14e32e88f1b89f59ed34a6d712746b82a6a54c6ed4727784f18aeff853abbdc7" }, { "product_name" : "Red Hat AI Inference Server 3.2", "release_date" : "2026-02-27T00:00:00Z", "advisory" : "RHSA-2026:3461", "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9", "package" : "rhaiis/vllm-cuda-rhel9:sha256:dcb9d1cd005c40b6db6f893e56419e383b9dcc0d38315605cb1457e2af5354f7" }, { "product_name" : "Red Hat AI Inference Server 3.2", "release_date" : "2026-02-27T00:00:00Z", "advisory" : "RHSA-2026:3462", "cpe" : "cpe:/a:redhat:ai_inference_server:3.2::el9", "package" : "rhaiis/vllm-rocm-rhel9:sha256:53007894763e03f609c35c727cb738db3c2130b19fa0e1069c24240e0870fb7a" }, { "product_name" : "Red Hat Ceph Storage 7", "release_date" : "2025-12-01T00:00:00Z", "advisory" : "RHSA-2025:22529", "cpe" : "cpe:/a:redhat:ceph_storage:7::el9", "package" : "rhceph/rhceph-7-rhel9:sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe" }, { "product_name" : "Red Hat Ceph Storage 8", "release_date" : "2025-12-02T00:00:00Z", "advisory" : "RHSA-2025:22548", "cpe" : "cpe:/a:redhat:ceph_storage:8::el9", "package" : "rhceph/rhceph-8-rhel9:sha256:04a48d31f7336e0d5958eed1ddb1a117148f791baccef4e6e08943181e6794c8" }, { "product_name" : "Red Hat Ceph Storage 8", "release_date" : "2026-02-02T00:00:00Z", "advisory" : "RHSA-2026:1652", "cpe" : "cpe:/a:redhat:ceph_storage:8::el9", "package" : "rhceph/rhceph-8-rhel9:sha256:09aaeba975aa74bdf95d63e5619c0cabb1cd9e1410aa34e7f8ecf24a5e291d1a" }, { "product_name" : "Red Hat Discovery 2", "release_date" : "2025-08-06T00:00:00Z", "advisory" : "RHSA-2025:13267", "cpe" : "cpe:/a:redhat:discovery:2::el9", "package" : "discovery/discovery-server-rhel9:sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344" }, { "product_name" : "Red Hat Discovery 2", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21994", "cpe" : "cpe:/a:redhat:discovery:2::el9", "package" : "discovery/discovery-server-rhel9:sha256:97a1bb076f7f29a5f2b80c4724cb27c4e87f89c2d73a7719c44dc8c044329503" }, { "product_name" : "Red Hat Discovery 2", "release_date" : "2025-11-24T00:00:00Z", "advisory" : "RHSA-2025:21994", "cpe" : "cpe:/a:redhat:discovery:2::el9", "package" : "discovery/discovery-ui-rhel9:sha256:310df392f638ef6eca1a26db024ae2cb617db5932f886d2acddc92fb7289e740" }, { "product_name" : "Red Hat Insights proxy 1.5", "release_date" : "2025-08-07T00:00:00Z", "advisory" : "RHSA-2025:13335", "cpe" : "cpe:/a:redhat:insights_proxy:1.5::el9", "package" : "insights-proxy/insights-proxy-container-rhel9:sha256:c26d589f12647890b67aaa986f54d3f7c6f7f2563fb5a73f38d559e6138739d7" }, { "product_name" : "Red Hat Insights proxy 1.5", "release_date" : "2025-12-08T00:00:00Z", "advisory" : "RHSA-2025:22868", "cpe" : "cpe:/a:redhat:insights_proxy:1.5::el9", "package" : "insights-proxy/insights-proxy-container-rhel9:sha256:1d72e553fe5a7696e600dc8fd2fe9050ba1992fa190bea622134ca7bfce7bb0d" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 10", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:10" }, { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "sqlite", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "rust-toolset:rhel8/rust", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 8", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:8" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "firefox", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "rust", "cpe" : "cpe:/o:redhat:enterprise_linux:9" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Not affected", "package_name" : "thunderbird", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-6965\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-6965\nhttps://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL\nhttps://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8" ], "name" : "CVE-2025-6965", "mitigation" : { "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.", "lang" : "en:us" }, "csaw" : false }