Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.
7.5

Red Hat osbuild-composer Software Update Fixes Security Flaw

RHSA-2026:3753
Summary

Red Hat has released an update for osbuild-composer, a tool used to build and compose operating system images. This update addresses a security issue that could allow an attacker to manipulate the build process, potentially leading to unauthorized access or data tampering. Affected users should update to the latest version to ensure the security and integrity of their system.

What to do
  • Update redhat osbuild-composer to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-core to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-core-debuginfo to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-debuginfo to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-debugsource to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-tests-debuginfo to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-worker to version 0:149-4.el9_7.
  • Update redhat osbuild-composer-worker-debuginfo to version 0:149-4.el9_7.
Affected software
VendorProductAffected versionsFix available
redhat osbuild-composer <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-core <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-core-debuginfo <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-debuginfo <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-debugsource <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-tests-debuginfo <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-worker <= 0:149-4.el9_7 0:149-4.el9_7
redhat osbuild-composer-worker-debuginfo <= 0:149-4.el9_7 0:149-4.el9_7
Original title
Red Hat Security Advisory: osbuild-composer security update
osv CVSS3.1 7.5
Published: 5 Mar 2026 · Updated: 7 Mar 2026 · First seen: 6 Mar 2026