Loading...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Critical
Fix Version/s: CY26Q1
Affects Version/s: None
Component/s: csaf-advisories, csaf-vex
Labels:
- reported-by-customer

Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False

Severity:
Critical
Risk Probability:
Very Likely
Risk Score:
0

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Current Behavior

I can see csaf and csaf-vex are not updated
for eg:
https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-9230.json
This doesn't have vendor_fix data for rhel8 - RHSA-2026:0337 which is fixed on Jan 8th.
Similarly, the rhsa csaf is not available in csaf/v2/advisories/2026 repo path.

Expected Behavior

I expected to be having updated data on csaf-vex and csaf. Might be still some files are not updated.

Impact{}
Not able to get regular CVE updates.

is related to

SECDATA-1180 Review of CVE-2024-6197 affect curl versions RHEL 10

In Progress

Assignee:: Zdenek Novacek

Reporter:: Swati Agarwal

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Created:: 2026/01/13 7:40 AM

Updated:: 2026/01/14 2:25 PM