{"id":"RHSA-2026:0076","summary":"Red Hat Security Advisory: spice-client-win security update","modified":"2026-04-09T10:06:16Z","published":"2026-01-06T10:09:33Z","upstream":["CVE-2025-59375","CVE-2025-6965","CVE-2025-8176","CVE-2025-9900"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2026:0076"},{"type":"ARTICLE","url":"https://access.redhat.com/security/updates/classification/#important"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2380149"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2383598"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2392784"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2395108"},{"type":"ADVISORY","url":"https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_0076.json"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-6965"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-6965"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6965"},{"type":"ARTICLE","url":"https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"},{"type":"ARTICLE","url":"https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-8176"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-8176"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-8176"},{"type":"ARTICLE","url":"http://www.libtiff.org/"},{"type":"ARTICLE","url":"https://gitlab.com/libtiff/libtiff/-/commit/fe10872e53efba9cc36c66ac4ab3b41a839d5172"},{"type":"ARTICLE","url":"https://gitlab.com/libtiff/libtiff/-/issues/707"},{"type":"ARTICLE","url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/727"},{"type":"ARTICLE","url":"https://vuldb.com/?ctiid.317590"},{"type":"ARTICLE","url":"https://vuldb.com/?id.317590"},{"type":"ARTICLE","url":"https://vuldb.com/?submit.621796"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-9900"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-9900"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-9900"},{"type":"ARTICLE","url":"https://github.com/SexyShoelessGodofWar/LibTiff-4.7.0-Write-What-Where?tab=readme-ov-file"},{"type":"ARTICLE","url":"https://gitlab.com/libtiff/libtiff/-/issues/704"},{"type":"ARTICLE","url":"https://gitlab.com/libtiff/libtiff/-/merge_requests/732"},{"type":"ARTICLE","url":"https://libtiff.gitlab.io/libtiff/releases/v4.7.1.html"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2025-59375"},{"type":"ADVISORY","url":"https://www.cve.org/CVERecord?id=CVE-2025-59375"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-59375"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"},{"type":"ARTICLE","url":"https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"}],"affected":[{"package":{"name":"spice-client-win","ecosystem":"Red Hat:rhel_aus:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win-x64","ecosystem":"Red Hat:rhel_aus:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win-x64"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win-x86","ecosystem":"Red Hat:rhel_aus:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win-x86"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win","ecosystem":"Red Hat:rhel_e4s:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win-x64","ecosystem":"Red Hat:rhel_e4s:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win-x64"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win-x86","ecosystem":"Red Hat:rhel_e4s:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win-x86"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win","ecosystem":"Red Hat:rhel_tus:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win-x64","ecosystem":"Red Hat:rhel_tus:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win-x64"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}},{"package":{"name":"spice-client-win-x86","ecosystem":"Red Hat:rhel_tus:8.6::appstream","purl":"pkg:rpm/redhat/spice-client-win-x86"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0:8.10-3.el8_6.1"}]}],"database_specific":{"source":"https://security.access.redhat.com/data/osv/RHSA-2026:0076.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}