{
  "schema_version": "1.7.0",
  "id": "RHSA-2026:34365",
  "related": [
    "GO-2026-4601",
    "GO-2026-4947",
    "GO-2026-4946",
    "GO-2026-4864",
    "GO-2026-4870",
    "GO-2026-4866"
  ],
  "upstream": [
    "CVE-2026-5135",
    "CVE-2026-5136",
    "CVE-2026-5138",
    "CVE-2026-5142",
    "CVE-2026-25679",
    "CVE-2026-27727",
    "CVE-2026-32280",
    "CVE-2026-32281",
    "CVE-2026-32282",
    "CVE-2026-32283",
    "CVE-2026-33810",
    "CVE-2026-40192",
    "CVE-2026-48526"
  ],
  "published": "2026-07-02T10:17:42Z",
  "modified": "2026-07-02T10:17:42Z",
  "summary": "Red Hat Security Advisory: Satellite 6.19.2 Async Update",
  "severity": [
    {
      "type": "CVSS_V3",
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L"
    }
  ],
  "affected": [
    {
      "package": {
        "name": "foreman",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-debug",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-debug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-pcp",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-pcp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman",
        "ecosystem": "Red Hat:satellite_utils:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-cli",
        "ecosystem": "Red Hat:satellite_utils:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-cli"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-cli",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-cli"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-debug",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-debug"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-dynflow-sidekiq",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-dynflow-sidekiq"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-ec2",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-ec2"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-journald",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-journald"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-libvirt",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-libvirt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-openstack",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-openstack"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-pcp",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-pcp"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-postgresql",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-postgresql"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-redis",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-redis"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-service",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-service"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-telemetry",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-telemetry"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "foreman-vmware",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/foreman-vmware"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:3.18.0.7-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "yggdrasil-worker-forwarder",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/yggdrasil-worker-forwarder"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:0.0.3-5.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "candlepin",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/candlepin"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.5-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "candlepin-selinux",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/candlepin-selinux"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:4.7.5-1.el9sat"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pillow",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pillow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:12.2.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pillow-debuginfo",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pillow-debuginfo"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:12.2.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pillow-debugsource",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pillow-debugsource"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:12.2.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pillow",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pillow"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:12.2.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pillow-debuginfo",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pillow-debuginfo"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:12.2.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pillow-debugsource",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pillow-debugsource"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:12.2.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pyjwt+crypto",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pyjwt%2Bcrypto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.13.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pyjwt",
        "ecosystem": "Red Hat:satellite_capsule:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pyjwt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.13.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pyjwt+crypto",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pyjwt%2Bcrypto"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.13.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "name": "python3.12-pyjwt",
        "ecosystem": "Red Hat:satellite:6.19::el9",
        "purl": "pkg:rpm/redhat/python3.12-pyjwt"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0:2.13.0-1.el9pc"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://access.redhat.com/errata/RHSA-2026:34365"
    },
    {
      "type": "ARTICLE",
      "url": "https://access.redhat.com/security/updates/classification/#important"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46096"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46097"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46098"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46101"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46102"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46103"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46106"
    },
    {
      "type": "ARTICLE",
      "url": "https://issues.redhat.com/browse/SAT-46107"
    },
    {
      "type": "ADVISORY",
      "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_34365.json"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-5135"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452230"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5135"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5135"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-5136"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452970"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5136"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5136"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-5138"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452971"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5138"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5138"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-5142"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452999"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-5142"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-5142"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-25679"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/cl/752180"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/issue/77578"
    },
    {
      "type": "ARTICLE",
      "url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
    },
    {
      "type": "ADVISORY",
      "url": "https://pkg.go.dev/vuln/GO-2026-4601"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-27727"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2442671"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-27727"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27727"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/swaldman/mchange-commons-java/security/advisories/GHSA-m2cm-222f-qw44"
    },
    {
      "type": "ARTICLE",
      "url": "https://mogwailabs.de/en/blog/2025/02/c3p0-you-little-rascal"
    },
    {
      "type": "ARTICLE",
      "url": "https://www.mchange.com/projects/c3p0/#configuring_security"
    },
    {
      "type": "ARTICLE",
      "url": "https://www.mchange.com/projects/c3p0/#security-note"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-32280"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/cl/758320"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/issue/78282"
    },
    {
      "type": "ARTICLE",
      "url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
    },
    {
      "type": "ADVISORY",
      "url": "https://pkg.go.dev/vuln/GO-2026-4947"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-32281"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/cl/758061"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/issue/78281"
    },
    {
      "type": "ADVISORY",
      "url": "https://pkg.go.dev/vuln/GO-2026-4946"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-32282"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/cl/763761"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/issue/78293"
    },
    {
      "type": "ADVISORY",
      "url": "https://pkg.go.dev/vuln/GO-2026-4864"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-32283"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/cl/763767"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/issue/78334"
    },
    {
      "type": "ADVISORY",
      "url": "https://pkg.go.dev/vuln/GO-2026-4870"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-33810"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/cl/763763"
    },
    {
      "type": "ARTICLE",
      "url": "https://go.dev/issue/78332"
    },
    {
      "type": "ADVISORY",
      "url": "https://pkg.go.dev/vuln/GO-2026-4866"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-40192"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2458856"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-40192"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-40192"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/python-pillow/Pillow/commit/3cb854e8b2bab43f40e342e665f9340d861aa628"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/python-pillow/Pillow/pull/9521"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/python-pillow/Pillow/security/advisories/GHSA-whj4-6x5x-4v2j"
    },
    {
      "type": "ARTICLE",
      "url": "https://pillow.readthedocs.io/en/stable/releasenotes/12.2.0.html#prevent-fits-decompression-bomb"
    },
    {
      "type": "REPORT",
      "url": "https://access.redhat.com/security/cve/CVE-2026-48526"
    },
    {
      "type": "REPORT",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2482734"
    },
    {
      "type": "ADVISORY",
      "url": "https://www.cve.org/CVERecord?id=CVE-2026-48526"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-48526"
    },
    {
      "type": "ARTICLE",
      "url": "https://github.com/jpadilla/pyjwt/security/advisories/GHSA-xgmm-8j9v-c9wx"
    }
  ]
}