Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-25621 (GCVE-0-2024-25621)
Vulnerability from cvelistv5 – Published: 2025-11-06 18:36 – Updated: 2025-11-06 19:35
VLAI
EPSS
Title
containerd affected by a local privilege escalation via wide permissions on CRI directory
Summary
containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.
Severity
7.3 (High)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-279 - Incorrect Execution-Assigned Permissions
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/containerd/containerd/security… | x_refsource_CONFIRM |
| https://github.com/containerd/containerd/commit/7… | x_refsource_MISC |
| https://github.com/containerd/containerd/blob/mai… | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| containerd | containerd |
Affected:
< 1.7.29
Affected: >= 2.0.0-beta.0, < 2.0.7 Affected: >= 2.1.0-beta.0, < 2.1.5 Affected: >= 2.2.0-beta.0, < 2.2.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25621",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T19:34:44.710425Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T19:35:13.415Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "containerd",
"vendor": "containerd",
"versions": [
{
"status": "affected",
"version": "\u003c 1.7.29"
},
{
"status": "affected",
"version": "\u003e= 2.0.0-beta.0, \u003c 2.0.7"
},
{
"status": "affected",
"version": "\u003e= 2.1.0-beta.0, \u003c 2.1.5"
},
{
"status": "affected",
"version": "\u003e= 2.2.0-beta.0, \u003c 2.2.0"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-279",
"description": "CWE-279: Incorrect Execution-Assigned Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T18:36:21.566Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
},
{
"name": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"name": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
}
],
"source": {
"advisory": "GHSA-pwhc-rpq9-4c8w",
"discovery": "UNKNOWN"
},
"title": "containerd affected by a local privilege escalation via wide permissions on CRI directory"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-25621",
"datePublished": "2025-11-06T18:36:21.566Z",
"dateReserved": "2024-02-08T22:26:33.511Z",
"dateUpdated": "2025-11-06T19:35:13.415Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-25621",
"date": "2026-06-16",
"epss": "0.00142",
"percentile": "0.03817"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-25621\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-11-06T19:15:40.090\",\"lastModified\":\"2025-12-31T02:29:30.480\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\",\"baseScore\":7.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.3,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-279\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.7.29\",\"matchCriteriaId\":\"DD786582-F4AE-41DD-B61F-BD8AF4FC1A04\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.0.0\",\"versionEndExcluding\":\"2.0.7\",\"matchCriteriaId\":\"07087EDC-9E6A-45D1-B6D2-E7F4016CD46E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.1.0\",\"versionEndExcluding\":\"2.1.5\",\"matchCriteriaId\":\"9E760B42-E25C-4780-85AE-D003D6425700\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:2.2.0:beta0:*:*:*:*:*:*\",\"matchCriteriaId\":\"EEF71FE5-2286-4D94-82DD-7509CE85F1F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:2.2.0:beta1:*:*:*:*:*:*\",\"matchCriteriaId\":\"3290FD7B-0A16-4968-9800-78B947EF213D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:2.2.0:beta2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E4352A29-4DFC-4EBE-BE0E-97DEB76E5A30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:2.2.0:rc0:*:*:*:*:*:*\",\"matchCriteriaId\":\"57685264-6950-4CB9-ACBE-6944EB3B2C1C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:linuxfoundation:containerd:2.2.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"4D640701-1D0B-41B7-83B0-79592902E6AC\"}]}]}],\"references\":[{\"url\":\"https://github.com/containerd/containerd/blob/main/docs/rootless.md\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Product\"]},{\"url\":\"https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-25621\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-11-06T19:34:44.710425Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-11-06T19:35:07.716Z\"}}], \"cna\": {\"title\": \"containerd affected by a local privilege escalation via wide permissions on CRI directory\", \"source\": {\"advisory\": \"GHSA-pwhc-rpq9-4c8w\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"containerd\", \"product\": \"containerd\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.7.29\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.0.0-beta.0, \u003c 2.0.7\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.1.0-beta.0, \u003c 2.1.5\"}, {\"status\": \"affected\", \"version\": \"\u003e= 2.2.0-beta.0, \u003c 2.2.0\"}]}], \"references\": [{\"url\": \"https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w\", \"name\": \"https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5\", \"name\": \"https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://github.com/containerd/containerd/blob/main/docs/rootless.md\", \"name\": \"https://github.com/containerd/containerd/blob/main/docs/rootless.md\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-279\", \"description\": \"CWE-279: Incorrect Execution-Assigned Permissions\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-11-06T18:36:21.566Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-25621\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-11-06T19:35:13.415Z\", \"dateReserved\": \"2024-02-08T22:26:33.511Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-11-06T18:36:21.566Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
GSD-2024-25621
Vulnerability from gsd - Updated: 2024-02-09 06:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-25621"
],
"id": "GSD-2024-25621",
"modified": "2024-02-09T06:02:34.345928Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-25621",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
MSRC_CVE-2024-25621
Vulnerability from csaf_microsoft - Published: 2025-11-02 00:00 - Updated: 2025-11-19 01:52Summary
containerd affected by a local privilege escalation via wide permissions on CRI directory
Notes
Additional Resources: To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle
Disclaimer: The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.
7.3 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 20657-17086 | — | ||
| Unresolved product id: 17461-17084 | — | ||
| Unresolved product id: 20654-17084 | — | ||
| Unresolved product id: 20658-17086 | — |
References
4 references
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2025/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2025/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2024-25621.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "containerd affected by a local privilege escalation via wide permissions on CRI directory",
"tracking": {
"current_release_date": "2025-11-19T01:52:07.000Z",
"generator": {
"date": "2025-12-03T22:59:15.056Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2024-25621",
"initial_release_date": "2025-11-02T00:00:00.000Z",
"revision_history": [
{
"date": "2025-11-08T01:08:33.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2025-11-19T01:52:07.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "2.0",
"product": {
"name": "CBL Mariner 2.0",
"product_id": "17086"
}
},
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003ccbl2 moby-containerd 1.6.26-12",
"product": {
"name": "\u003ccbl2 moby-containerd 1.6.26-12",
"product_id": "2"
}
},
{
"category": "product_version",
"name": "cbl2 moby-containerd 1.6.26-12",
"product": {
"name": "cbl2 moby-containerd 1.6.26-12",
"product_id": "20657"
}
}
],
"category": "product_name",
"name": "moby-containerd"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 moby-containerd-cc 1.7.7-9",
"product": {
"name": "\u003cazl3 moby-containerd-cc 1.7.7-9",
"product_id": "4"
}
},
{
"category": "product_version",
"name": "azl3 moby-containerd-cc 1.7.7-9",
"product": {
"name": "azl3 moby-containerd-cc 1.7.7-9",
"product_id": "17461"
}
},
{
"category": "product_version_range",
"name": "\u003ccbl2 moby-containerd-cc 1.7.7-12",
"product": {
"name": "\u003ccbl2 moby-containerd-cc 1.7.7-12",
"product_id": "1"
}
},
{
"category": "product_version",
"name": "cbl2 moby-containerd-cc 1.7.7-12",
"product": {
"name": "cbl2 moby-containerd-cc 1.7.7-12",
"product_id": "20658"
}
}
],
"category": "product_name",
"name": "moby-containerd-cc"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cazl3 containerd2 2.0.0-14",
"product": {
"name": "\u003cazl3 containerd2 2.0.0-14",
"product_id": "3"
}
},
{
"category": "product_version",
"name": "azl3 containerd2 2.0.0-14",
"product": {
"name": "azl3 containerd2 2.0.0-14",
"product_id": "20654"
}
}
],
"category": "product_name",
"name": "containerd2"
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 moby-containerd 1.6.26-12 as a component of CBL Mariner 2.0",
"product_id": "17086-2"
},
"product_reference": "2",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 moby-containerd 1.6.26-12 as a component of CBL Mariner 2.0",
"product_id": "20657-17086"
},
"product_reference": "20657",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 moby-containerd-cc 1.7.7-9 as a component of Azure Linux 3.0",
"product_id": "17084-4"
},
"product_reference": "4",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 moby-containerd-cc 1.7.7-9 as a component of Azure Linux 3.0",
"product_id": "17461-17084"
},
"product_reference": "17461",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003cazl3 containerd2 2.0.0-14 as a component of Azure Linux 3.0",
"product_id": "17084-3"
},
"product_reference": "3",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 containerd2 2.0.0-14 as a component of Azure Linux 3.0",
"product_id": "20654-17084"
},
"product_reference": "20654",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "\u003ccbl2 moby-containerd-cc 1.7.7-12 as a component of CBL Mariner 2.0",
"product_id": "17086-1"
},
"product_reference": "1",
"relates_to_product_reference": "17086"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cbl2 moby-containerd-cc 1.7.7-12 as a component of CBL Mariner 2.0",
"product_id": "20658-17086"
},
"product_reference": "20658",
"relates_to_product_reference": "17086"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"notes": [
{
"category": "general",
"text": "GitHub_M",
"title": "Assigning CNA"
}
],
"product_status": {
"fixed": [
"20657-17086",
"17461-17084",
"20654-17084",
"20658-17086"
],
"known_affected": [
"17086-2",
"17084-4",
"17084-3",
"17086-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2024-25621 containerd affected by a local privilege escalation via wide permissions on CRI directory - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2025/msrc_cve-2024-25621.json"
}
],
"remediations": [
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "1.6.26-13:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-2"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "1.7.7-10:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-4"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "2.0.0-15:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17084-3"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
},
{
"category": "vendor_fix",
"date": "2025-11-08T01:08:33.000Z",
"details": "1.7.7-13:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
"product_ids": [
"17086-1"
],
"url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalsScore": 0.0,
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.3,
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"17086-2",
"17084-4",
"17084-3",
"17086-1"
]
}
],
"title": "containerd affected by a local privilege escalation via wide permissions on CRI directory"
}
]
}
OPENSUSE-SU-2025:15726-1
Vulnerability from csaf_opensuse - Published: 2025-11-11 00:00 - Updated: 2025-11-11 00:00Summary
containerd-1.7.29-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: containerd-1.7.29-1.1 on GA media
Description of the patch: These are all security issues fixed in the containerd-1.7.29-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2025-15726
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.3 (High)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
5.1 (Medium)
Affected products
Recommended
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
8 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "containerd-1.7.29-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the containerd-1.7.29-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2025-15726",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_15726-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-25621 page",
"url": "https://www.suse.com/security/cve/CVE-2024-25621/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-64329 page",
"url": "https://www.suse.com/security/cve/CVE-2025-64329/"
}
],
"title": "containerd-1.7.29-1.1 on GA media",
"tracking": {
"current_release_date": "2025-11-11T00:00:00Z",
"generator": {
"date": "2025-11-11T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:15726-1",
"initial_release_date": "2025-11-11T00:00:00Z",
"revision_history": [
{
"date": "2025-11-11T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-1.7.29-1.1.aarch64",
"product_id": "containerd-1.7.29-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-ctr-1.7.29-1.1.aarch64",
"product_id": "containerd-ctr-1.7.29-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.aarch64",
"product": {
"name": "containerd-devel-1.7.29-1.1.aarch64",
"product_id": "containerd-devel-1.7.29-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.ppc64le",
"product": {
"name": "containerd-1.7.29-1.1.ppc64le",
"product_id": "containerd-1.7.29-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.ppc64le",
"product": {
"name": "containerd-ctr-1.7.29-1.1.ppc64le",
"product_id": "containerd-ctr-1.7.29-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.ppc64le",
"product": {
"name": "containerd-devel-1.7.29-1.1.ppc64le",
"product_id": "containerd-devel-1.7.29-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.s390x",
"product": {
"name": "containerd-1.7.29-1.1.s390x",
"product_id": "containerd-1.7.29-1.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.s390x",
"product": {
"name": "containerd-ctr-1.7.29-1.1.s390x",
"product_id": "containerd-ctr-1.7.29-1.1.s390x"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.s390x",
"product": {
"name": "containerd-devel-1.7.29-1.1.s390x",
"product_id": "containerd-devel-1.7.29-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "containerd-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-1.7.29-1.1.x86_64",
"product_id": "containerd-1.7.29-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-ctr-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-ctr-1.7.29-1.1.x86_64",
"product_id": "containerd-ctr-1.7.29-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "containerd-devel-1.7.29-1.1.x86_64",
"product": {
"name": "containerd-devel-1.7.29-1.1.x86_64",
"product_id": "containerd-devel-1.7.29-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-1.7.29-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le"
},
"product_reference": "containerd-1.7.29-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x"
},
"product_reference": "containerd-1.7.29-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-1.7.29-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-1.7.29-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-ctr-1.7.29-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le"
},
"product_reference": "containerd-ctr-1.7.29-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x"
},
"product_reference": "containerd-ctr-1.7.29-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-ctr-1.7.29-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-ctr-1.7.29-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64"
},
"product_reference": "containerd-devel-1.7.29-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le"
},
"product_reference": "containerd-devel-1.7.29-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x"
},
"product_reference": "containerd-devel-1.7.29-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containerd-devel-1.7.29-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
},
"product_reference": "containerd-devel-1.7.29-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-25621"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths `/var/lib/containerd`, `/run/containerd/io.containerd.grpc.v1.cri` and `/run/containerd/io.containerd.sandbox.controller.v1.shim` were all created with incorrect permissions. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. Workarounds include updating system administrator permissions so the host can manually chmod the directories to not have group or world accessible permissions, or to run containerd in rootless mode.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-25621",
"url": "https://www.suse.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "SUSE Bug 1253126 for CVE-2024-25621",
"url": "https://bugzilla.suse.com/1253126"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-11T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2024-25621"
},
{
"cve": "CVE-2025-64329",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-64329"
}
],
"notes": [
{
"category": "general",
"text": "containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is fixed in versions 1.7.29, 2.0.7, 2.1.5 and 2.2.0. To workaround this vulnerability, users can set up an admission controller to control accesses to pods/attach resources.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-64329",
"url": "https://www.suse.com/security/cve/CVE-2025-64329"
},
{
"category": "external",
"summary": "SUSE Bug 1253132 for CVE-2025-64329",
"url": "https://bugzilla.suse.com/1253132"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:containerd-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-ctr-1.7.29-1.1.x86_64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.aarch64",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.ppc64le",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.s390x",
"openSUSE Tumbleweed:containerd-devel-1.7.29-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-11-11T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2025-64329"
}
]
}
RHSA-2025:22955
Vulnerability from csaf_redhat - Published: 2025-12-09 16:44 - Updated: 2026-06-16 16:36Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.12 director Operator container images
Severity
Important
Notes
Topic: Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1.12 (Wallaby) for RHEL 9.2.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.
The Red Hat OpenStack Platform (RHOSP) director Operator adds the ability to install and run a RHOSP cloud within OpenShift Container Platform (OCP).
Security Fixes:
* containerd local privilege excalation (CVE-2024-25621)
* SSH client panic due to unexpected SSH_AGENT_SUCCESS (CVE-2025-47913)
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic("unreachable") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.
7.5 (High)
Affected products
Fixed
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
2 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64 | — |
Workaround
|
Threats
Impact
Important
References
21 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated container images are now available for director Operator for Red Hat OpenStack Platform 17.1.12 (Wallaby) for RHEL 9.2.\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service (IaaS) cloud running on commonly available physical hardware.\n\nThe Red Hat OpenStack Platform (RHOSP) director Operator adds the ability to install and run a RHOSP cloud within OpenShift Container Platform (OCP).\n\nSecurity Fixes:\n * containerd local privilege excalation (CVE-2024-25621)\n * SSH client panic due to unexpected SSH_AGENT_SUCCESS (CVE-2025-47913)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:22955",
"url": "https://access.redhat.com/errata/RHSA-2025:22955"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47913",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://catalog.redhat.com/software/containers/search",
"url": "https://catalog.redhat.com/software/containers/search"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_22955.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1.12 director Operator container images",
"tracking": {
"current_release_date": "2026-06-16T16:36:26+00:00",
"generator": {
"date": "2026-06-16T16:36:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2025:22955",
"initial_release_date": "2025-12-09T16:44:15+00:00",
"revision_history": [
{
"date": "2025-12-09T16:44:15+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-09T16:44:24+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T16:36:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 17.1",
"product": {
"name": "Red Hat OpenStack Platform 17.1",
"product_id": "Red Hat OpenStack Platform 17.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"product": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"product_id": "registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-agent@sha256%3Aa618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9\u0026tag=1.3.1-1765298349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"product": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"product_id": "registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-downloader@sha256%3A58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9\u0026tag=1.3.1-1765298349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"product": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"product_id": "registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-operator-bundle@sha256%3Abdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9\u0026tag=1.3.1-1765298349"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64",
"product": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64",
"product_id": "registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/osp-director-operator@sha256%3A262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c?arch=amd64\u0026repository_url=registry.redhat.io/rhosp-rhel9\u0026tag=1.3.1-1765298349"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64"
},
"product_reference": "registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"relates_to_product_reference": "Red Hat OpenStack Platform 17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64"
},
"product_reference": "registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"relates_to_product_reference": "Red Hat OpenStack Platform 17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64"
},
"product_reference": "registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"relates_to_product_reference": "Red Hat OpenStack Platform 17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
},
"product_reference": "registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64",
"relates_to_product_reference": "Red Hat OpenStack Platform 17.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
],
"known_not_affected": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T16:44:15+00:00",
"details": "The container images provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \u0027podman pull\u0027 command.\n\nFor more information about the images, search the image name in the Red Hat Ecosystem Catalog.",
"product_ids": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22955"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-47913",
"discovery_date": "2025-11-13T22:01:26.092452+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2414943"
}
],
"notes": [
{
"category": "description",
"text": "A flaw in golang.org/x/crypto/ssh/agent causes the SSH agent client to panic when a peer responds with the generic SSH_AGENT_SUCCESS (0x06) message to requests expecting typed replies (e.g., List, Sign). The unmarshal layer produces an unexpected message type, which the client code does not handle, leading to panic(\"unreachable\") or a nil-pointer dereference. A malicious agent or forwarded connection can exploit this to terminate the client process.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability was marked as Important because it allows any malicious or misbehaving SSH agent to force a crash in the client process using a single valid protocol byte. The panic occurs before the client has a chance to validate message structure or recover, which means an attacker controlling\u2014or intercepting\u2014SSH agent traffic can reliably terminate processes that rely on agent interactions. In environments where SSH agents operate over forwarded sockets, shared workspaces, or CI/CD runners, this turns into a reliable, unauthenticated remote denial of service against critical automation or developer tooling. The flaw also stems from unsafe assumptions in the unmarshalling logic, where unexpected but protocol-legal message types drop into \u201cunreachable\u201d code paths instead of being handled gracefully\u2014making it a design-level reliability break rather than a simple error-handling bug. For this reason, it is rated as an important availability-impacting vulnerability rather than a moderate issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
],
"known_not_affected": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47913"
},
{
"category": "external",
"summary": "RHBZ#2414943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2414943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47913",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47913"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47913"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-hcg3-q754-cr77",
"url": "https://github.com/advisories/GHSA-hcg3-q754-cr77"
},
{
"category": "external",
"summary": "https://go.dev/cl/700295",
"url": "https://go.dev/cl/700295"
},
{
"category": "external",
"summary": "https://go.dev/issue/75178",
"url": "https://go.dev/issue/75178"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4116",
"url": "https://pkg.go.dev/vuln/GO-2025-4116"
}
],
"release_date": "2025-11-13T21:29:39.907000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-09T16:44:15+00:00",
"details": "The container images provided by this update can be downloaded from the Red Hat container registry at registry.redhat.io or registry.access.redhat.com using the \u0027podman pull\u0027 command.\n\nFor more information about the images, search the image name in the Red Hat Ecosystem Catalog.",
"product_ids": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:22955"
},
{
"category": "workaround",
"details": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability.",
"product_ids": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-agent@sha256:a618bbff08e2c106afa08a7daf100b51ac7ae53fe932fa2611087df303cc79f0_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-downloader@sha256:58019aa648510b1cab8159798b4e155b0c0c7830747a849d61f804dc03a21cf8_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator-bundle@sha256:bdf3ef41beefd75babb1bc576bc52d46611efb3ba1ff3443ac7d1fe9f10f215b_amd64",
"Red Hat OpenStack Platform 17.1:registry.redhat.io/rhosp-rhel9/osp-director-operator@sha256:262d9d9ee1f5093a467168981f3bd952836ca227801acaca506cbcf496a38c8c_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh/agent: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS"
}
]
}
RHSA-2025:23248
Vulnerability from csaf_redhat - Published: 2025-12-16 08:28 - Updated: 2026-06-10 21:18Summary
Red Hat Security Advisory: RHSA 4.7.9 security and bug fix update
Severity
Important
Notes
Topic: Updated images are now available for Red Hat Advanced Cluster Security
(RHACS), which typically include new features, bug fixes, and/or
security patches.
Details: See the release notes (link in the references section) for a
description of the fixes and enhancements in this particular release.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x | — |
Workaround
|
Threats
Impact
Important
A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 | — |
Workaround
|
Threats
Impact
Important
A denial of service flaw has been discovered in CivetWeb. The mg_handle_form_request function allows attackers to trigger a denial of service (DoS) condition by sending a specially crafted HTTP POST request containing a null byte in the payload. The server enters an infinite loop during form data parsing as a result. Multiple malicious requests will result in complete CPU exhaustion and render the service unresponsive to further requests.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.
7.0 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 | — |
Vendor Fix
fix
|
Known not affected
33 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 | — |
Threats
Impact
Moderate
A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.
5.3 (Medium)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
37 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 | — |
Workaround
|
Threats
Impact
Important
References
44 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated images are now available for Red Hat Advanced Cluster Security\n(RHACS), which typically include new features, bug fixes, and/or\nsecurity patches.",
"title": "Topic"
},
{
"category": "general",
"text": "See the release notes (link in the references section) for a\ndescription of the fixes and enhancements in this particular release.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23248",
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-47907",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-59375",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6965",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-9648",
"url": "https://access.redhat.com/security/cve/CVE-2025-9648"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.7/html-single/release_notes/index#about-this-release-479_release-notes-47",
"url": "https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.7/html-single/release_notes/index#about-this-release-479_release-notes-47"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23248.json"
}
],
"title": "Red Hat Security Advisory: RHSA 4.7.9 security and bug fix update",
"tracking": {
"current_release_date": "2026-06-10T21:18:50+00:00",
"generator": {
"date": "2026-06-10T21:18:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23248",
"initial_release_date": "2025-12-16T08:28:09+00:00",
"revision_history": [
{
"date": "2025-12-16T08:28:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-16T08:28:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-10T21:18:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Security 4.7",
"product": {
"name": "Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:advanced_cluster_security:4.7::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Security"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-operator-bundle@sha256%3Ae7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Aaf2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ae33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Acd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Af1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0?arch=amd64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3Ac019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3Ac623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3Ae81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3A98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3A4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Ac2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3Ae68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a?arch=arm64\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3A8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3Ae3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Ab3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Abe1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3Acec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3A7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3A4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809?arch=ppc64le\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-central-db-rhel8@sha256%3Ab3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-collector-rhel8@sha256%3A0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-main-rhel8@sha256%3A8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-rhel8-operator@sha256%3A56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-roxctl-rhel8@sha256%3A82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-rhel8@sha256%3Aff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-rhel8@sha256%3Ac16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-db-slim-rhel8@sha256%3A16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-slim-rhel8@sha256%3Af9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-rhel8@sha256%3A486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"product": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"product_id": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"product_identification_helper": {
"purl": "pkg:oci/rhacs-scanner-v4-db-rhel8@sha256%3Ab3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23?arch=s390x\u0026repository_url=registry.redhat.io/advanced-cluster-security"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64 as a component of Red Hat Advanced Cluster Security 4.7",
"product_id": "Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
},
"product_reference": "registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Security 4.7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-6965",
"cwe": {
"id": "CWE-197",
"name": "Numeric Truncation Error"
},
"discovery_date": "2025-07-15T14:02:19.241458+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2380149"
}
],
"notes": [
{
"category": "description",
"text": "A memory corruption flaw was found in SQLite. Under specific conditions a query can be generated where the number of aggregate terms could exceed the number of columns available. This issue could lead to memory corruption and subsequent unintended behavior.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "sqlite: Integer Truncation in SQLite",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in SQLite is categorized as Important rather than Critical because, although it involves memory corruption, the conditions required to trigger it are relatively constrained. The flaw arises when a query causes the number of aggregate terms to exceed internal limits, leading to potential buffer overflows or memory mismanagement. However, exploitation requires the ability to craft complex SQL queries and interact with the SQLite engine in a specific manner\u2014typically through direct SQL input. There is no known evidence of arbitrary code execution, privilege escalation, or remote exploitability as a direct result of this flaw. Additionally, most SQLite deployments are embedded in applications where input is tightly controlled or sanitized.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6965"
},
{
"category": "external",
"summary": "RHBZ#2380149",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2380149"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6965",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6965"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6965"
},
{
"category": "external",
"summary": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixMSQL"
},
{
"category": "external",
"summary": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8",
"url": "https://www.sqlite.org/src/info/5508b56fd24016c13981ec280ecdd833007c9d8dd595edb295b984c2b487b5c8"
}
],
"release_date": "2025-07-15T13:44:00.784000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "sqlite: Integer Truncation in SQLite"
},
{
"cve": "CVE-2025-9648",
"cwe": {
"id": "CWE-158",
"name": "Improper Neutralization of Null Byte or NUL Character"
},
"discovery_date": "2025-09-29T12:00:57.819834+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2400107"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service flaw has been discovered in CivetWeb. The mg_handle_form_request function allows attackers to trigger a denial of service (DoS) condition by sending a specially crafted HTTP POST request containing a null byte in the payload. The server enters an infinite loop during form data parsing as a result. Multiple malicious requests will result in complete CPU exhaustion and render the service unresponsive to further requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "civetweb: Denial of Service in CivetWeb",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "On Red Hat systems a denial of service in the CivetWeb application does not pose a broader availability risk to the host.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-9648"
},
{
"category": "external",
"summary": "RHBZ#2400107",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2400107"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-9648",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-9648"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-9648",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-9648"
},
{
"category": "external",
"summary": "https://cert.pl/en/posts/2025/09/CVE-2025-9648",
"url": "https://cert.pl/en/posts/2025/09/CVE-2025-9648"
},
{
"category": "external",
"summary": "https://github.com/civetweb/civetweb",
"url": "https://github.com/civetweb/civetweb"
},
{
"category": "external",
"summary": "https://github.com/civetweb/civetweb/commit/782e18903515f43bafbf2e668994e82bdfa51133",
"url": "https://github.com/civetweb/civetweb/commit/782e18903515f43bafbf2e668994e82bdfa51133"
},
{
"category": "external",
"summary": "https://github.com/civetweb/civetweb/issues/1348",
"url": "https://github.com/civetweb/civetweb/issues/1348"
}
],
"release_date": "2025-09-29T11:47:56.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "civetweb: Denial of Service in CivetWeb"
},
{
"cve": "CVE-2025-47907",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2025-08-07T16:01:06.247481+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2387083"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in database/sql. Concurrent queries can produce unexpected results when a query is cancelled during a Scan method call on returned Rows, creating a race condition. This vulnerability allows an attacker who can initiate and cancel queries to trigger this condition, possibly leading to inconsistent data being returned to the application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "database/sql: Postgres Scan Race Condition",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability marked as Moderate severity issues rather than Important. The os/exec LookPath flaw requires a misconfigured PATH to be exploitable, and the database/sql race condition primarily impacts applications that cancel queries while running multiple queries concurrently. Both can cause unexpected behavior, but the exploitation scope is limited and unlikely to result in direct compromise in most typical deployments.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-47907"
},
{
"category": "external",
"summary": "RHBZ#2387083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2387083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-47907",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47907"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47907"
},
{
"category": "external",
"summary": "https://go.dev/cl/693735",
"url": "https://go.dev/cl/693735"
},
{
"category": "external",
"summary": "https://go.dev/issue/74831",
"url": "https://go.dev/issue/74831"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM",
"url": "https://groups.google.com/g/golang-announce/c/x5MKroML2yM"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-3849",
"url": "https://pkg.go.dev/vuln/GO-2025-3849"
}
],
"release_date": "2025-08-07T15:25:30.704000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "database/sql: Postgres Scan Race Condition"
},
{
"cve": "CVE-2025-59375",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-09-15T03:00:59.775098+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2395108"
}
],
"notes": [
{
"category": "description",
"text": "A memory amplification vulnerability in libexpat allows attackers to trigger excessive dynamic memory allocations by submitting specially crafted XML input. A small input (~250 KiB) can cause the parser to allocate hundreds of megabytes, leading to denial-of-service (DoS) through memory exhaustion.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue is Important rather than Critical because, while it allows for significant resource exhaustion leading to denial-of-service (DoS), it does not enable arbitrary code execution, data leakage, or privilege escalation. The vulnerability stems from an uncontrolled memory amplification behavior in libexpat\u2019s parser, where a relatively small XML payload can cause disproportionately large heap allocations. However, the flaw is limited in scope to service disruption and requires the attacker to submit a crafted XML document\u2014something that can be mitigated with proper input validation and memory usage limits. Therefore, while the exploitability is high, the impact is confined to availability, not confidentiality or integrity, making it a high-severity but not critical flaw.\n\nIn Firefox and Thunderbird, where libexpat is a transitive userspace dependency, exploitation usually just crashes the application (app-level DoS), so it is classified as Moderate instead of Important.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-59375"
},
{
"category": "external",
"summary": "RHBZ#2395108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2395108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-59375",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59375"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-22/#CVE-2025-59375"
},
{
"category": "external",
"summary": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375",
"url": "https://www.mozilla.org/security/advisories/mfsa2026-24/#CVE-2025-59375"
}
],
"release_date": "2025-09-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-16T08:28:09+00:00",
"details": "If you are using an earlier version of RHACS, you are advised to\nupgrade to the version of RHACS mentioned in the synopsis and release\nnotes in order to take advantage of the enhancements, bug fixes, and/or\nsecurity patches in the release.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23248"
},
{
"category": "workaround",
"details": "To mitigate the issue, limit XML input size and complexity before parsing, and avoid accepting compressed or deeply nested XML. Use OS-level resource controls (like ulimit or setrlimit()) to cap memory usage, or run the parser in a sandboxed or isolated process with strict memory and CPU limits. This helps prevent denial-of-service by containing excessive resource consumption.",
"product_ids": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:18357de02f0f56d741dd4e184465157b0035550c151c29c4a0387d58cf269106_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:6ec722f4a9558cd2c409811b2da56a0af971a7f586a8d3c7a1ae1f47e25c7fb5_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:8d1e602d5f01328cfd56e84a29a997483ee882a437e10003bbec959156305ebc_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-central-db-rhel8@sha256:b3d0ab6ed732624f6cc3b942d4bfcbcd372d61ce6b60b901a74361ba57874069_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:0ba8b652771a517a5c724bc91bbca265a8e86efdd2e83b504c8fb309715a3758_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:271dd3bfa99f1043d3ee885764fda7d3ba89c232025c1d3ad7fe45324f47473d_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:488e7716dc50df623f9088ee36120266d4db2637e2d2ce89810f1fdd8f2161f0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-collector-rhel8@sha256:e3444345f04c1569ec97530ddd6b6e4ccd38a2887d500054ac93f76f54c07aa8_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:1b131d4fcd2b6b608ea9467195df55e796e2b26a889651f6d294038910dbf795_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:31788e355827257ff14af5a9ed16a627fd203f8897a6c3ce0793fd5dac8e25e8_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:8f4bf042e7b4e0d240e6d78d450d7fb985482393154d9c6e505c42d6c6121f98_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-main-rhel8@sha256:c019cadfc51234635a8e7858ee74107395a238c950ec91c27f07a1dea0a17ce6_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-operator-bundle@sha256:e7106f927313f2e0a08c85cf1ecfd1338d222f02dcac6c40846858a7e0c9c32b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:56202276aaeb96ecaf5f2729d0644811dd64096aeed1a407735091d0b1086b06_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9acef94305c74d27d6a047ed051adf7efbe855bf406bf8fc583c32451a4a79c6_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:9f4f55e287380e5c8ec9b7bb55846b878475877ff0802681817801f87ccc5238_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-rhel8-operator@sha256:c623e12a1c28e70cbd6a350c784f07fe785db424b6b0a9cd4100edda52426c54_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:5a7d70dc0c30c94329937d7ef2a8b6ac6344da79bf6f153fdcf828ed5bdf148d_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:82b148211af601cfba5b588653ab2f5cfae938b56268436d7dd6a8055a895e6e_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:af2cbab59c3cdc12e60a3e1c94f913005633ff6566f424b947ec0b15cd5e7a9f_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-roxctl-rhel8@sha256:e81aa3e198d77dd7e8ad5eacf8cc8419a1f9b01f30cb81c18f7a658fde49e8d3_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:02a33bc81310601ebbe26391b472da8f558cbbd0c7ea1400f9cd7c3f44abb0ac_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:4db4e3398f343ef9efecdc1e47ac65d80989add642963869ce754985b75c9bfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:be1449ccf241763457d965759214924646ff9d9a4046fe42ccaf1770775afc6c_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-rhel8@sha256:c16ba9bda38878fc3822b7ac128b04a072fdb8b066e8ad76bf435ebc0ec527d9_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:16f3506332224b30b82a3112e1dd9972cd15f1e6431c22ab3f584424aede986f_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:6c1672816133d254132da81c88c3f96135911b76dc77d1b12ca0181c54d2937e_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:761c59870f11a3760d1d00b7810c5732b69a1ee57629b6b1dadf312b16695647_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-db-slim-rhel8@sha256:cec17c9d59f66b09a840df62b12b42c42e339e1baab53f1032f8c9bf3b1bee24_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:98efc2b0719aac6bc15bf353cc36cd61604df052335280c2217a37c4259d47c4_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:b3c527cd1aec5dfc408caef8886e16ae5dc8dd2c8dd517eaca003d5e7e1677ed_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:e33609218a2ef967d292eb9755b430f02b429b6f3f5fe6b6ea4401fee1e11415_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-rhel8@sha256:ff025f0e3b312b76daa3f94e0c245d720ba77c63b11c0fa26a8db2523df6998c_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:7c0a23278a9180c3f586004986fea37fdaa29905997368290ec5633fd14d6107_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:c2b1c6b73d6d7383bb52afaab41846cc4341eaf8e4e8f269823a0f5c33693dfc_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:cd557b81bf7c91f7cb3248ac61e2076a746495bfed8b8e5c4bf13c0ec467c62b_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-slim-rhel8@sha256:f9418586394e756e201ded1c51ff6190d8a19991f70c693b2e4e77782a18a695_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:0a19b35ba9bd1825a66789dc02807a257f92e310831770242b4b86723174681a_arm64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:4efe0e4ff5aab9dfd0d31eb6c8e3a1a112dc2b00ff073e8b7029b79cdb452809_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:b3667bea7d50bfc3229ca7fb408c13119f2df02edd9ed2140700358a9a0c3b23_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-db-rhel8@sha256:f1dae4ee0a6f66807752b9b8a11e1691a7bf59709b43bf4ac03b653e8bc61af0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:486112e20446446c639f4ba1d350886766977e89c4431cb363468cfadeec4364_s390x",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:5f15cd67c8492a9fa4a27d1cb26e5ace8ff531ecb060ebfe392083e4d3128c20_ppc64le",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:8ca51b143ae25a80f8df65b20d9a1a975567bd400c3d2646ef14a1d3b8f4eeb0_amd64",
"Red Hat Advanced Cluster Security 4.7:registry.redhat.io/advanced-cluster-security/rhacs-scanner-v4-rhel8@sha256:e68e0a88255675f8e68ab8f179cc93aa53cc6c0798210bf312112c6a8a531242_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "firefox: thunderbird: expat: libexpat in Expat allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing"
}
]
}
RHSA-2025:23428
Vulnerability from csaf_redhat - Published: 2025-12-17 01:06 - Updated: 2026-06-10 21:18Summary
Red Hat Security Advisory: Red Hat multicluster global hub 1.5.2 security update
Severity
Important
Notes
Topic: Red Hat multicluster global hub v1.5.2 general availability release images, which provide security fixes, bug fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details: Red Hat multicluster global hub is a set of components that enable you to import one or more hub clusters and manage them from a single hub cluster.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
9 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le | — |
Workaround
|
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat multicluster global hub v1.5.2 general availability release images, which provide security fixes, bug fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. \nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat multicluster global hub is a set of components that enable you to import one or more hub clusters and manage them from a single hub cluster.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23428",
"url": "https://access.redhat.com/errata/RHSA-2025:23428"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23428.json"
}
],
"title": "Red Hat Security Advisory: Red Hat multicluster global hub 1.5.2 security update",
"tracking": {
"current_release_date": "2026-06-10T21:18:47+00:00",
"generator": {
"date": "2026-06-10T21:18:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23428",
"initial_release_date": "2025-12-17T01:06:13+00:00",
"revision_history": [
{
"date": "2025-12-17T01:06:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-17T01:06:18+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-10T21:18:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Multicluster Global Hub 1.5.4",
"product": {
"name": "Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_globalhub:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "Multicluster Global Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765630668"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591231"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765594821"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-operator-bundle@sha256%3Af8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765638835"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3Ad881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591064"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765373847"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765630668"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591231"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765594821"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591064"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3Af7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765373847"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765630668"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Aad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591231"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765594821"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3Acce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591064"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765373847"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3Adf5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765630668"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3A67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591231"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3Abfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765594821"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765591064"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.5.2-1765373847"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64 as a component of Multicluster Global Hub 1.5.4",
"product_id": "Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.5.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64"
],
"known_not_affected": [
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-17T01:06:13+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23428"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:67f7694d2ad6a891ddc005df6c49d4dd0f496ee9f89f28ff21af4bdba74dbaeb_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7a68a55335de933f652c75b80d4f246a72508b958d5d5f36769337af94a0eb9b_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:7cd69508a66f01778c6086d8db3a384562e76d2650bdae1c6b55dc0bc477c9a2_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ad0bef3510f1a50bdd0eabb9044c3240c3dcc63e4cb32ee948d291a4571f4373_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:02d64a5e1254f66b6daae1188688d5289acb7832819005de439285ba1dc68f20_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:495889e652f44420a47899e456d7bbf1b1e9a4eecf026550c860ac45b7fa2d7d_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:8e65ccadd704d3324991a931f5dcc99097c1b9918cbf7fbe8c9b558da58dff6e_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:df5dfb9e86987b37fc3f732f3be3f1a3e3dcf415e4b0cfb06767d94349212504_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:076468826a7c34dbd8c5ff8dff493022e4f509e271c5a84f19c5de3e8ff0f915_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:30d35cb3567dce38efb9800c97177981d5402baa50b435c9fc17f9d39b150705_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:69cb8f8c4added49195f69dc12da5d3a20f08e66513c45a07b8231fe79a9ccd0_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:bfc0b9e987ad9ed150b0f31046f37ab13c5b54a4d8bc23e8609329194ec5376e_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:f8eb9c20cc10dca52fb053723208b4dec03a4e98efab7a72cfcf7ea8a1bc4032_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:16e4186db10c7459608038d08fb6536d43763d74e18051231b792c2225807fb1_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:1d0d5fe8682b94e95e56d38083c28a3acbe359257922b9557b6ef5c0cb065e43_amd64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:61b1b737c3715c51509817f89aba789e30a4cb0e1ef0ad18e82cc3ee62422e94_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:f7cd7119f566c04f45b02e64ed34e89b39eaa77b6321ba627ac7ff132ed68a10_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:87f5ce87383392ca51522fe04bbef7ecdba1070b1a55a80d893ba8143e029664_ppc64le",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:90ced4a8d261d1956466cfde2c66fbb01a3902c4bba9242ec043eac10f727cc2_arm64",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:cce25ed95c206ba67c143655e5a7774e2a60b450895db8e46bd808741d517250_s390x",
"Multicluster Global Hub 1.5.4:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:d881c0e6fb73ef46d1e7622723172645fa7b05a3afb8a1a6b7bec221bbf48884_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
}
]
}
RHSA-2025:23644
Vulnerability from csaf_redhat - Published: 2025-12-18 10:46 - Updated: 2026-06-10 21:18Summary
Red Hat Security Advisory: Red Hat multicluster global hub 1.4.3 security update
Severity
Important
Notes
Topic: Red Hat multicluster global hub v1.4.3 general availability release images, which provide security fixes, bug fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact of Important.
A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Details: Red Hat multicluster global hub is a set of components that enable you to import one or more hub clusters and manage them from a single hub cluster.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64 | — |
Workaround
|
|
| Unresolved product id: Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x | — |
Workaround
|
Threats
Impact
Important
References
11 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat multicluster global hub v1.4.3 general availability release images, which provide security fixes, bug fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. \nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat multicluster global hub is a set of components that enable you to import one or more hub clusters and manage them from a single hub cluster.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:23644",
"url": "https://access.redhat.com/errata/RHSA-2025:23644"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_23644.json"
}
],
"title": "Red Hat Security Advisory: Red Hat multicluster global hub 1.4.3 security update",
"tracking": {
"current_release_date": "2026-06-10T21:18:50+00:00",
"generator": {
"date": "2026-06-10T21:18:50+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.2"
}
},
"id": "RHSA-2025:23644",
"initial_release_date": "2025-12-18T10:46:11+00:00",
"revision_history": [
{
"date": "2025-12-18T10:46:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-12-18T10:46:20+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-10T21:18:50+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Multicluster Global Hub 1.4.5",
"product": {
"name": "Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:multicluster_globalhub:1.4::el9"
}
}
}
],
"category": "product_family",
"name": "Multicluster Global Hub"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765627216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Abd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3Aad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765594275"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-operator-bundle@sha256%3Ac22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765961071"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93?arch=amd64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765375270"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765627216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Abc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765594275"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3Ade645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0?arch=ppc64le\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765375270"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3A28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765627216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Aca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3Aef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765594275"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3Affd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3?arch=s390x\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765375270"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-grafana-rhel9@sha256%3Ad109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765627216"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-agent-rhel9@sha256%3Aedda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591609"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-manager-rhel9@sha256%3A94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765594275"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-rhel9-operator@sha256%3A17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765591447"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"product": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"product_id": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/multicluster-globalhub-postgres-exporter-rhel9@sha256%3A44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3?arch=arm64\u0026repository_url=registry.redhat.io/multicluster-globalhub\u0026tag=1.4.3-1765375270"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64 as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le as a component of Multicluster Global Hub 1.4.5",
"product_id": "Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le"
},
"product_reference": "registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le",
"relates_to_product_reference": "Multicluster Global Hub 1.4.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le"
],
"known_not_affected": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-12-18T10:46:11+00:00",
"details": "For more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.13/html/multicluster_global_hub/index",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:23644"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bc1e1cc514bf3bcbb6f9f69ac076c56223edb0e8a3e31de2489371296654e19d_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:bd8126c2bed30841364c5170ac349f9d6cb0f4e369147f39114bb068102a5bec_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:ca2fa685ba62b2e1a60282e28e60b74d4cd7f413fb8b6b5c3dab2f1184eaf649_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-agent-rhel9@sha256:edda7701a3d88fe21a9b1b693db2d50d0430a657c8f08952c744cda4efa3e36e_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:0a3b2c16808b83096039d9ed152263d6c6d1b0490d0947a528a5ea1ede4d1b93_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:242aee0257e823b6537c263d99138a0e801a1d586f211c45290e64722c18acf4_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:28312f96f28c723f098147a02e9b8b49781178382e088c192f0a0c37c6952eeb_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-grafana-rhel9@sha256:d109c78975ea21f6b48bfa2c2c5bd734a7c1a28cf25cc7fc823fa381c4eaf805_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:3be3e9b4f32e57f54582c3ea6e29defd189d412a89526001a366095186bd2f83_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:94ba79e7b694777758332121c46991f31622ec736aa0ad1e34a796acfb10749f_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ad0096b855e5e9612b8e576186763c76df6671ded8f66ce2b861a57bfbe3c622_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-manager-rhel9@sha256:ef4b3040c03473c16c8c7f0dea8482337db9219a805fe4377c2bb976d33b59db_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-operator-bundle@sha256:c22a91b57ed751d0ccc80494845e490dc36041b94f810ef822edb3abba885593_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:08f79193f00ffd79cfa4b75a58bf71ac2f4b859badd6a46c3d03fcb4e59226f0_ppc64le",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:44120974278d52f6f302bba15ed9dc01602fe2e59dd2606cbfe53582aa38ace3_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:7de5a370e926553a091305bcdb9f66fa1dba7cdff45838e4e9bf09a8c54bda93_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-postgres-exporter-rhel9@sha256:ffd0e799f2b3889a4c9a8971d79bbcc2e863b7405f44d1e22d774963b9520dd3_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:17a65d2daf8836c1b88156f947a7a897f4713866df8dc0a69cf49cb94ec842e1_arm64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:1ef15bdb7bf1a9c13426d1ae25b675041e045958f80937b12d71cc15837eb585_amd64",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:20a95eeeb8693c00af9c8835130c179be35f7445b6b07a68b12a8189e974524f_s390x",
"Multicluster Global Hub 1.4.5:registry.redhat.io/multicluster-globalhub/multicluster-globalhub-rhel9-operator@sha256:de645819f0a36aa8c7a6997d7338ad9fa7b2fd300dc5322d68dfdaaa6f1bd184_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
}
]
}
RHSA-2026:2343
Vulnerability from csaf_redhat - Published: 2026-02-09 14:20 - Updated: 2026-06-16 18:14Summary
Red Hat Security Advisory: Red Hat OpenShift API for Data Protection
Severity
Important
Notes
Topic: A new version of OpenShift API for Data Protection (OADP) is now available.
Details: OpenShift API for Data Protection (OADP) enables you to back up and restore
application resources, persistent volume data, and internal container
images to external backup storage. OADP enables both file system-based and
snapshot-based backups for persistent volumes.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64 | — |
Workaround
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x | — |
Vendor Fix
fix
|
Known not affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64 | — | ||
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le | — | ||
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x | — | ||
| Unresolved product id: OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64 | — |
Threats
Impact
Important
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A new version of OpenShift API for Data Protection (OADP) is now available.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift API for Data Protection (OADP) enables you to back up and restore\napplication resources, persistent volume data, and internal container\nimages to external backup storage. OADP enables both file system-based and\nsnapshot-based backups for persistent volumes.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2343",
"url": "https://access.redhat.com/errata/RHSA-2026:2343"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/backup_and_restore/oadp-application-backup-and-restore",
"url": "https://docs.redhat.com/en/documentation/openshift_container_platform/latest/html/backup_and_restore/oadp-application-backup-and-restore"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2343.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift API for Data Protection",
"tracking": {
"current_release_date": "2026-06-16T18:14:19+00:00",
"generator": {
"date": "2026-06-16T18:14:19+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:2343",
"initial_release_date": "2026-02-09T14:20:06+00:00",
"revision_history": [
{
"date": "2026-02-09T14:20:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-09T14:20:07+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T18:14:19+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift API for Data Protection 1.5",
"product": {
"name": "OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
}
}
}
],
"category": "product_family",
"name": "OpenShift API for Data Protection"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"product_id": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-hypershift-velero-plugin-rhel9@sha256%3A2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768615081"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"product_id": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256%3Ad3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768597155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"product_id": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256%3Ac0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768627772"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"product_id": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-non-admin-rhel9@sha256%3Afacd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768636701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"product_id": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256%3A3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640301"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64",
"product_id": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256%3Ae9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768624122"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256%3Acfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768602558"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256%3A45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768595491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256%3A8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768625890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256%3Af2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768618777"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256%3A2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9?arch=amd64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640265"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"product_id": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-hypershift-velero-plugin-rhel9@sha256%3A947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768615081"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"product_id": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256%3A0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768597155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"product_id": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256%3A77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768627772"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"product_id": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-non-admin-rhel9@sha256%3A217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768636701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"product_id": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256%3A8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640301"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"product_id": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256%3A152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768624122"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256%3Ae0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768602558"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256%3Ac390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768595491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256%3A939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768625890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256%3A39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768618777"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256%3Aeb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665?arch=arm64\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640265"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"product_id": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-hypershift-velero-plugin-rhel9@sha256%3A28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768615081"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"product_id": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256%3A26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768597155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"product_id": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256%3Aa28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768627772"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"product_id": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-non-admin-rhel9@sha256%3Ae80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768636701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"product_id": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256%3A79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640301"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"product_id": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256%3A432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768624122"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256%3Ae3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768602558"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256%3Add6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768595491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256%3A8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768625890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256%3A0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768618777"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256%3Af4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16?arch=s390x\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640265"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-hypershift-velero-plugin-rhel9@sha256%3A422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768615081"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-kubevirt-velero-plugin-rhel9@sha256%3Acabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768597155"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-mustgather-rhel9@sha256%3A803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768627772"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-non-admin-rhel9@sha256%3Af00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768636701"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-rhel9-operator@sha256%3Afb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640301"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-rhel9@sha256%3A38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768624122"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-rhel9@sha256%3Aac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768602558"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-aws-rhel9@sha256%3A15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768595491"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-gcp-rhel9@sha256%3Af98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768625890"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-legacy-aws-rhel9@sha256%3A12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768618777"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"product": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"product_id": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256%3A815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854?arch=ppc64le\u0026repository_url=registry.redhat.io/oadp\u0026tag=1768640265"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64 as a component of OpenShift API for Data Protection 1.5",
"product_id": "OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
},
"product_reference": "registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64",
"relates_to_product_reference": "OpenShift API for Data Protection 1.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64"
],
"known_not_affected": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T14:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2343"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x"
],
"known_not_affected": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T14:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2343"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
],
"known_not_affected": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T14:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2343"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x"
],
"known_not_affected": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-09T14:20:06+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.",
"product_ids": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:28804980ce7e4fb06e036547b6c53227802b257f1139220c2f19c16ed0cb8e53_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:2c9332fa68acce79d7defcec12c651d6d331a32208f4325e798cf37971a35fed_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:422d7e9ea2fefb525e116075247d56674738990d33cc4dedfe44ef40200989cf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-hypershift-velero-plugin-rhel9@sha256:947c0829fb3280fcead6c3292fcfec110d29656b7d3fdda9867600684f67b88c_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:0d7962f5278166bda2a3159deac215c5b201c21a10c504796d4048988f765e05_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:26dc2bc51a95d91b31a67796245fc42e8583ecc611ecff0bd1d427d0521ed735_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:cabb4436044c381f2cbedfb5fd7cfb0d4f03bd3724d5e4db79d6b6a290f4cd29_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-kubevirt-velero-plugin-rhel9@sha256:d3e0f9f9317da506b4929a1e479631ade0473cb4e569d5e595e993f1ef99d96f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:77900c0379c2993dfdd4da3ca30461f2c3673d254d17b0b599f98daf16702fe1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:803c0eb52755db8d9a6940e85a79427e0747535b73549fab725e1fe5d3fb2589_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:a28dac3492fe6dd90a1d760e4c161acc4e29b14a0a344859ddb50c48002988c2_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-mustgather-rhel9@sha256:c0fa61e5a80abc4116ba7f11fa94ad73699cceaff0cd6d0ac17e909137b701b2_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:217ca8739c8d38583336f0989965289dbd2c05dfaa002cbad870373c6feff503_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:e80286b9d71393ad76c62fc1048178a2037111bedc51d221b90f9da45f43843a_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:f00ffbf59e1f851a29d3332f9624b370a1fd2aa8b9143bec45f25ecf38ef0612_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-non-admin-rhel9@sha256:facd76a98969b0697bba2073a2a608afaf15d7d219f6f4be7a7f5573e0ae4f2c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:3b961d901a3d90a397a7e123aaa166fdecc90c42b6a602b5de9cf4cd713dcabb_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:79e4fb695f7593c9768d8e5559a5af9cc1cb7ac80c5d683a58cf0fc37d1b2316_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:8e6e5f802c724895bd38499286166758fa64fbda287b6c400cd001e2074d3cf4_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-rhel9-operator@sha256:fb65a2767c9ce08f121f744c8f65b68f8848c945bd8f1f8b8bd0ab867b85abcc_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:15283059b3d528613a05de20e1020320327f309421bd1f757350a91c15663c6d_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:45c756febb37e224d613af1fd2945e9be6573d8ef3fd9784ffd634bb6f9c0f3f_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:c390357481b78a5bf5c8cc1e214a4302e8bdfb84319b95f64dbe83d045dcb715_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-aws-rhel9@sha256:dd6fde5335758d1f215f437e9302e5c132bfa6e9d1c292b989448456116add9b_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8a981496fddc905ce17b167dbcae9a104ee161858f1e160e6e747c8261139240_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:8d7b969e6eba089a08c973044e1bb0ce4b4aee6e3af08c81fb6795aab8f4331c_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:939d14e803a96f2306ab289b9a2a25d87b28ac40bfbe348d3434e79ec651140a_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-gcp-rhel9@sha256:f98615e1feae82f8c1da343e3d22419be1ff03d7c9701c783a8385e5203f90a2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:0650e549ff736eb66bf63ef88aa5e423d8aa3e0dcf0f2b3a1a335154a688a930_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:12574a2b741b3383bee7ab518a2de0e7c57d4db91eb86872e53faab0253b89bf_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:39e62d665b020443d99bc4933f222b4579e076edcc2035c7e7af7b85062b4974_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-legacy-aws-rhel9@sha256:f2ee18730099a6df86ee2acd452b6f510dfeb16f6b026c315588dcd8dfc024bc_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:2c45039f786c313341c94619ed75372334c597353c848b02050f7399b03b54f9_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:815596c7b5d60f85a7f8e71f839a50662f5fde092bd9ce163f6ca5b57937b854_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:eb0b8d74e4bcbf3edfe32b7257301e00cebe7c5d0b5cd50e11ee253eef3f8665_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-for-microsoft-azure-rhel9@sha256:f4ad0d99ab545938dae4c7ed0dff245045a05cae60c8d32ea33a65f47a216c16_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:ac3b1cbabc2059fcee08c35973f1600c2b331d3486ef128fe21a5d90c3452fa2_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:cfca07fd8142801ccb031f920d1b79ef6a829aaf462c22d63be85c63e69cc32e_amd64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e0a41b70190e97bee2d5575d0bf5764cbfcc0214499649034e1fa664bb4b7c5f_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-plugin-rhel9@sha256:e3cad6aea8cb47853f1f0c8b0398b4a51221087c4f35d742fd896c93c2fa860d_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:152390ba6450e46063f3f6fc52008136e49e496992340542b432ddaf67c1b1d1_arm64",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:38e2d08523228de85ab16fb1a756183e7320ba14e1bd0ab2f4725eb060bbbd4a_ppc64le",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:432b45c01e99e4ea82fa2056a3947eb1900180c9c750ebf8a80122ab6852d427_s390x",
"OpenShift API for Data Protection 1.5:registry.redhat.io/oadp/oadp-velero-rhel9@sha256:e9532bac272f65a9aa4a529c6ef73cbd0a47308ada2104f286a10f66de5551e0_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
}
]
}
RHSA-2026:2456
Vulnerability from csaf_redhat - Published: 2026-02-10 17:06 - Updated: 2026-06-16 18:14Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release.
Severity
Important
Notes
Topic: Red Hat OpenShift Dev Spaces 3.26.0 has been released.
Details: Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.26 release is based on Eclipse Che 7.113 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#crw
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
45 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
36 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Vendor Fix
fix
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Threats
Impact
Important
A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
45 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
53 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Vendor Fix
fix
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Threats
Impact
Important
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
Threats
Impact
Important
A path normalization bypass has been discovered in Traefik. When Traefik is configured to route the requests to a backend using a matcher based on the path; if the request path contains an encoded restricted character from the following set ('/', '', 'Null', ';', '?', '#'), it’s possible to target a backend, exposed using another router, by-passing the middlewares chain.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Affected products
Fixed
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Vendor Fix
fix
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Threats
Impact
Important
A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.
8.0 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
57 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x | — |
Workaround
|
Threats
Impact
Important
References
110 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.26.0 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\nThe 3.26 release is based on Eclipse Che 7.113 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\nUsers still using the v1 standard should migrate as soon as possible.\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\nDev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.\nhttps://access.redhat.com/support/policy/updates/openshift#crw",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2456",
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.26/html/administration_guide/installing-devspaces",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.26/html/administration_guide/installing-devspaces"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-58183",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-64756",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66490",
"url": "https://access.redhat.com/security/cve/CVE-2025-66490"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-22029",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2456.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.0 Release.",
"tracking": {
"current_release_date": "2026-06-16T18:14:20+00:00",
"generator": {
"date": "2026-06-16T18:14:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:2456",
"initial_release_date": "2026-02-10T17:06:01+00:00",
"revision_history": [
{
"date": "2026-02-10T17:06:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-10T17:06:03+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T18:14:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product": {
"name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3.26::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces (RHOSDS)"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769680738"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Aaa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769804221"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Aeaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769791331"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Af818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769595755"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769685154"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769539518"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770052193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3Abe63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769466457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ade30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769691754"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Abc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769797105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769869786"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769638073"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Ab520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770164598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3A7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770046359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3Ab998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770162394"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769804221"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769791331"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Ae0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769595755"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3Aba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769685154"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769539518"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770052193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769466457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ab709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769691754"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Afd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769797105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256%3Ac72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770186534"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769869786"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769680738"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3Ae8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769638073"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770164598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Acc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770046359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3Acc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770162394"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769804221"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Ac4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769791331"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769595755"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769685154"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769539518"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770052193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769466457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Affe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769691754"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769797105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Afd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769869786"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769680738"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769638073"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Af592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770164598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Aa05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770046359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770162394"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Aa85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769804221"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Ae2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769791331"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769595755"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769685154"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769539518"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3A819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770052193"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3Ac06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769466457"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769691754"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Ab8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769797105"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Abc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769869786"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769680738"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1769638073"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Ada6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770164598"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel10@sha256%3Ab4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770046359"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"product_id": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-base-rhel9@sha256%3A10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770162394"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-64756",
"cwe": {
"id": "CWE-78",
"name": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
},
"discovery_date": "2025-11-17T18:01:28.077927+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2415451"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in glob. This vulnerability allows arbitrary command execution via processing files with malicious names when the glob command-line interface (CLI) is used with the -c/--cmd option, enabling shell metacharacters to trigger command injection.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "glob: glob: Command Injection Vulnerability via Malicious Filenames",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in glob allows arbitrary command execution when the `glob` command-line interface is used with the `-c/--cmd` option to process files with malicious names. The vulnerability is triggered by shell metacharacters in filenames, leading to command injection. The glob CLI tool utilizes the -c option to execute shell commands over the files which matched the searched pattern by using the shell:true parameter when creating the subprocess which will further execute the command informed via \u0027-c\u0027 option, this parameter allows the shell meta characters to be used and processed when executing the command. Given that information glob misses to sanitize the file name to eliminate such characters and expressions from the filename, leading to code execution as when performing the shell expansion such characters will be interpreted as shell commands.\n\nTo exploit this vulnerability the targeted system should run the glob CLI over a file with a maliciously crafted filename, additionally the attacker needs to have enough permission to create such file or trick the user to download and process the required file with the glob CLI.\n\nThis flaw is present in the command line interface of the nodejs-glob package. When the package is used by npm, the command line interface is not used at all, so it cannot be triggered. However, the command line interface implementation is still present on the system, but not directly exposed to the user\u0027s $PATH. To reflect this condition, nodejs packages have been rated with a low severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-64756"
},
{
"category": "external",
"summary": "RHBZ#2415451",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2415451"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-64756",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-64756"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-64756"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146",
"url": "https://github.com/isaacs/node-glob/commit/47473c046b91c67269df7a66eab782a6c2716146"
},
{
"category": "external",
"summary": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2",
"url": "https://github.com/isaacs/node-glob/security/advisories/GHSA-5j98-mcp5-4vw2"
}
],
"release_date": "2025-11-17T17:29:08.029000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "To mitigate this issue, avoid using the `glob` command-line interface with the `-c` or `--cmd` option when processing filenames from untrusted sources. If programmatic use of `glob` is necessary, ensure that filenames are thoroughly sanitized before being passed to commands executed with shell interpretation enabled.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "glob: glob: Command Injection Vulnerability via Malicious Filenames"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2025-66490",
"cwe": {
"id": "CWE-436",
"name": "Interpretation Conflict"
},
"discovery_date": "2025-12-09T01:06:39.573043+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2420301"
}
],
"notes": [
{
"category": "description",
"text": "A path normalization bypass has been discovered in Traefik. When Traefik is configured to route the requests to a backend using a matcher based on the path; if the request path contains an encoded restricted character from the following set (\u0027/\u0027, \u0027\u0027, \u0027Null\u0027, \u0027;\u0027, \u0027?\u0027, \u0027#\u0027), it\u2019s possible to target a backend, exposed using another router, by-passing the middlewares chain.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/traefik/traefik: Traefik Path Normalization Bypass in Router + Middleware Rules",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66490"
},
{
"category": "external",
"summary": "RHBZ#2420301",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2420301"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66490",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66490"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v2.11.32",
"url": "https://github.com/traefik/traefik/releases/tag/v2.11.32"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/releases/tag/v3.6.4",
"url": "https://github.com/traefik/traefik/releases/tag/v3.6.4"
},
{
"category": "external",
"summary": "https://github.com/traefik/traefik/security/advisories/GHSA-gm3x-23wp-hc2c",
"url": "https://github.com/traefik/traefik/security/advisories/GHSA-gm3x-23wp-hc2c"
}
],
"release_date": "2025-12-09T00:35:26.530000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/traefik/traefik: Traefik Path Normalization Bypass in Router + Middleware Rules"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-22029",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2026-01-10T04:01:03.694749+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428412"
}
],
"notes": [
{
"category": "description",
"text": "A cross site scripting flaw has been discovered in the npm react-router and @remix-run/router packages. React Router (and Remix v1/v2) SPA open navigation redirects originating from loaders or actions in Framework Mode, Data Mode, or the unstable RSC modes can result in unsafe URLs causing unintended javascript execution on the client. This is only an issue if you are creating redirect paths from untrusted content or via an open redirect.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-22029"
},
{
"category": "external",
"summary": "RHBZ#2428412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428412"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-22029",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22029"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-22029"
},
{
"category": "external",
"summary": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx",
"url": "https://github.com/remix-run/react-router/security/advisories/GHSA-2w69-qvjg-hvjx"
}
],
"release_date": "2026-01-10T02:42:32.736000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-10T17:06:01+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2456"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:60a1c1cf2a755e24203ae76e37c3e1c08f97ae8a1905df3538b31f7d9b543f0f_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:772af8d40b674ce306850d3ecf2b70b39bdceaf9e045a2db9299c0dd8bd5e6b5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a85afca6643f11c1e0d3976d5e679cea06d85675a5859e7e08611139f2450520_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:aa1d96a9c1d9dbf2fe077748807de1e047a17a942a87688c269aa60537b5c6d4_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:51c627941a630d042202df9fbb0be4c289c3c2b4047092d350f564ea9815c55e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:c4339b180ab8f5fc5ea656c6d604ad1342e329557be4fe83f7747e7b30327908_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e2c1df1a1bc028158873b636f8b0341090b7f5211d74d0143c39b3b1f9d36472_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:eaf02961dff765751f8b0f14dbc928401faa0fa60c0ee0bf340ed814509794fc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:1a4accefcf3c48a44818e9126cdb893d469c93b2f058ce3cff6195d823d9e6c5_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:8608f41d9887eb5fea9df4b9c273fea3512c3ad492bbf8e542e6369db15be680_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:e0e7e2242127555100372896dee91fb69dd1a2fdbcce8473a1c343fc6b0b838d_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:f818d47a01fd77940943b79133d1c7bf053359c72832e0df61397847af43f6e7_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:65b57a43496e012535680c5f6758bf4e482f0496619c1502b50cb4852723088e_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:7705755155844d580db7d2ce942bb095545f465be7a091bc14598f5ae83c0301_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:998779815c5a7888b80f635b942a7409733a839f4c7253a7b5ff920129f987ea_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:ba7fc29722ef40b1565978c1f578786ccb65752bc82f50b794f3c5ab0c789d2a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:c72b135ccb51663313a9ed55dc5d46af1fbc2476c0243a523ce531262cb82acf_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:8935901859ad9b07689de3d9ea602adf21bcbd2105cedba83503296230b4adad_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b8ae475ea425efb5d30d2c23cd789ee993ee7e5026ed5c892106512351aee416_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:bc60ec1ad66c342f632d32a64012cae3c4426f54bf08578d60d25a68c31b02cd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:fd35a91b2542252bcd695cd7d02727e8a1c593f1c9a9ec88da92d5d797b17bc5_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0f87d0637586a8d1aedb84b266f9781af80f63c1342b3951559aa18343825993_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:2efc89cc392a8fdb0d2a493aa7cb0d5a6e3cc5efe19054181befe452f293ea59_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:43368b4815eea7a9b1b6a33b061af43f521810efc1c102df0426796e431d0add_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:454566dfa4c035a67f5e4d5ed19289d1c97f2546ee06ef587aff36b3f2cdadee_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:4e83ac026653a09abe7f783844617502298f45d4f12cb46445ad8d27722eed42_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:55e7a74a6e435a77cbdeee2d8d333f830d47c52449a27770310f010c4c4c6dd1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:6a70faa18a51c05328cba689acd2cef1f248ba4d9f78802f3bdc4aff4183d521_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:819f3c80c8241446239d783d01e9a65e3448427a683dbaa5b91ba859329cdbd2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:5295d0aa61988b2722c9171a0c0f7a61e749479979746355861d0c8b6c2b58a8_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:65d7c3ada0b4c4fdfb576f5fbbc8b75264c26a4baabdbbaf2197e05186b6bdd1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:be63fdd87b11d550dbd8cef2b74cbf843ed778365d877684e8525c9b017f3a50_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:c06a36be7e7392da6fcdbdbf79bf704852be05ac7bc094cc63355180b05ed9ba_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:024f64869d4813d8b0938f8cad9a0bf4e4e924a5082ac2ee3ea0bc6ba51edfe5_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b709ca92a102d77f8a090e1503877e12dc24bbd6e91c0205d8402ad3a9c365e9_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:de30783c5550d7dc3ebd71507ce41e4a6f6209663299453aaf35b73f17d161d8_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:ffe5740d684ac4a1b6c440bb4d2ca3ec20d71c008e65fa73f5143c43a7bda339_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:4c5121d8f31d840f55e575bf266f2ca179a81f05dd49fbd63a4ee7e3f8a97001_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:870546a61219ce727b59586e31edb8cbc653ce72264b23a89a916d04a0627fe0_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:bc68ad64665acf9c4807bb4f4ae920da7c2a82716c8bc151bd269a4f234fc69e_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:fd2925764c63cf6ee7cb92dab59cc8f6f696f628e4676b37297dab95aa0187f1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:1a1e372643b7eeabd4acda8b440173ef83087b453a89f554b4c1c006c7a796c8_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:377caaaff59c843357600332c63278fa019eacec2a60567725dd149e98d6d3fb_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:4983729652072e885f84298af878c72f757bfb1e820dbb9ee4ad2494a6bd0f48_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:60460d63a971f7f129f97f1d73f8f577565d82a5f8d476e19b249b6e543dee0b_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:0f0dbdab221c9ea50603b8a48ed61b2e322dc4dc03028611bcb120ea7bc32a81_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:3f001b01ff331475bc37556515ecab11699f54560d33caa8f45e84cb8ff91410_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8d7f9a00fd74530f30b15e62db3d3c7096a04a6e68e28ca1ba04eae538034f93_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:e8da554ed086a4ac5fcbe6ad7797f1f36c965aae3bbb75c2fd446b9dfa1d5592_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:7335ec3e28a4f9e88f03df6ad4b245f6ffc3e0b79aa1c5072f5cf27bbd0dbb17_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:a05ebcc4507fd1c7d47254f6dc9b94a7fd1c0868f17e51cfe6e310f763e9baba_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:b4770ac4b68c340a5efa523751761b725ddfb38d25cf129e2a978f6e3774e7c2_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel10@sha256:cc2df284c22698278472a3cb0b748b797097bacf72e24a13f98c8cd9643452d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:10da53d4e0216c034f57c990d1569c25558f68e65b7fc07e18b3e6be89490162_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:276782b304e7f31d1e846f6acc5caeda45055adb8630d1605ad4ec55431ef6ec_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:b998742f17f56c16942062d11d4f7f62181703f4be20db6fa807a35d016cd7da_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-base-rhel9@sha256:cc54713d9a3f0a44403d9c8d13ae1f9179e2af96b144366b6ae7e753dab4ce70_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:2966ebf5a1744c8bebae6c03efc4685aa8db9de84138fe95a63ad721a42ae06a_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:b520d66efc293127d9f0478eff66e2ddc6830f3b7d6ced0abe931792022a3f70_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:da6e70b4d7cf45da59e36c7741f532d9bfed498a00082560a34491419016c437_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f592ddd74feb260b51087e6555b6e7e42e61dc12a87475e3aa3b7729e33fcf93_s390x"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "@remix-run/router: react-router: React Router vulnerable to XSS via Open Redirects"
}
]
}
RHSA-2026:25127
Vulnerability from csaf_redhat - Published: 2026-06-10 20:51 - Updated: 2026-06-16 18:16Summary
Red Hat Security Advisory: Submariner v0.21 security fixes and container updates
Severity
Important
Notes
Topic: Submariner v0.21 General Availability release images, which provide enhancements, security fixes, and updated container images.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.
Red Hat Advanced Cluster Management for Kubernetes v2.14
Details: Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods, implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator, it can enable direct networking between pods and services across different Kubernetes clusters.
For more information about Submariner, see the Submariner open source community website at: https://submariner.io/.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Threats
Impact
Moderate
Multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints.
5.3 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Affected products
Fixed
28 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Vendor Fix
fix
|
Known not affected
5 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Threats
Impact
Important
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as 'acl', are evaluated before the 'rewrite' plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions.
7.7 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that chains plugins. A remote attacker can exploit this flaw by sending specially crafted DNS queries. This vulnerability exists in CoreDNS's loop detection plugin due to the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name. Successful exploitation can lead to a denial of service (DoS) by crashing the DNS server.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Threats
Impact
Important
A flaw was found in CoreDNS, a DNS server that chains plugins. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending oversized DNS-over-HTTPS (DoH) GET requests. The GET path, unlike the POST path, lacks size validation before processing large `dns=` query parameter values. This can lead to high CPU usage, significant memory allocations, and increased garbage collection, resulting in a Denial of Service (DoS).
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in CoreDNS. An unauthenticated network attacker can exploit incorrect handling of TSIG (Transaction Signature) authentication in the gRPC, QUIC, DoH (DNS over HTTPS), and DoH3 transport implementations. This vulnerability allows an attacker to bypass TSIG protection, leading to unauthorized access to functionalities such as zone transfers and dynamic DNS updates. For DoH and DoH3, the issue is more severe as any request with a TSIG record is treated as authenticated, even with an invalid key.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 | — |
Vendor Fix
fix
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 | — | ||
| Unresolved product id: Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le | — |
Threats
Impact
Important
References
118 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Submariner v0.21 General Availability release images, which provide enhancements, security fixes, and updated container images.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the References section.\nRed Hat Advanced Cluster Management for Kubernetes v2.14",
"title": "Topic"
},
{
"category": "general",
"text": "Submariner is a Kubernetes operator that enables cross-cluster connectivity for services and pods, implementing KEP-1645 (Multi-Cluster Services API). After deploying the Submariner operator, it can enable direct networking between pods and services across different Kubernetes clusters.\n\nFor more information about Submariner, see the Submariner open source community website at: https://submariner.io/.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:25127",
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-25621",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68151",
"url": "https://access.redhat.com/security/cve/CVE-2025-68151"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26017",
"url": "https://access.redhat.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-26018",
"url": "https://access.redhat.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32936",
"url": "https://access.redhat.com/security/cve/CVE-2026-32936"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33186",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-35579",
"url": "https://access.redhat.com/security/cve/CVE-2026-35579"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_25127.json"
}
],
"title": "Red Hat Security Advisory: Submariner v0.21 security fixes and container updates",
"tracking": {
"current_release_date": "2026-06-16T18:16:03+00:00",
"generator": {
"date": "2026-06-16T18:16:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.0.0"
}
},
"id": "RHSA-2026:25127",
"initial_release_date": "2026-06-10T20:51:55+00:00",
"revision_history": [
{
"date": "2026-06-10T20:51:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-10T20:51:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-16T18:16:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product": {
"name": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:acm:2.14::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Advanced Cluster Management for Kubernetes"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Abbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Aeee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3Acac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-operator-bundle@sha256%3A5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-operator-bundle\u0026tag=1780248353"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Aa7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5?arch=amd64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3A0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3A84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Aed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3Ac52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1?arch=ppc64le\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3Aeac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Ae688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3Af928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3A5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3A2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418?arch=s390x\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-agent-rhel9@sha256%3A6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-agent-rhel9\u0026tag=1780204232"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"product_id": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"product_identification_helper": {
"purl": "pkg:oci/lighthouse-coredns-rhel9@sha256%3Ae802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/lighthouse-coredns-rhel9\u0026tag=1780204249"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"product_id": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"product_identification_helper": {
"purl": "pkg:oci/nettest-rhel9@sha256%3A831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/nettest-rhel9\u0026tag=1780241410"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"product_id": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"product_identification_helper": {
"purl": "pkg:oci/subctl-rhel9@sha256%3Aa154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/subctl-rhel9\u0026tag=1780238563"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-gateway-rhel9@sha256%3A2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-gateway-rhel9\u0026tag=1780204887"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-globalnet-rhel9@sha256%3Abe69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-globalnet-rhel9\u0026tag=1780204696"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-rhel9-operator@sha256%3A60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-rhel9-operator\u0026tag=1780204322"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"product": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"product_id": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/submariner-route-agent-rhel9@sha256%3A83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1?arch=arm64\u0026repository_url=registry.redhat.io/rhacm2/submariner-route-agent-rhel9\u0026tag=1780204631"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64 as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le as a component of Red Hat Advanced Cluster Management for Kubernetes 2.14",
"product_id": "Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
},
"product_reference": "registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le",
"relates_to_product_reference": "Red Hat Advanced Cluster Management for Kubernetes 2.14"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-25621",
"cwe": {
"id": "CWE-279",
"name": "Incorrect Execution-Assigned Permissions"
},
"discovery_date": "2025-11-06T19:01:04.402278+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2413190"
}
],
"notes": [
{
"category": "description",
"text": "A local privilege escalation vulnerability has been discovered in containerd. This vulnerability is the result of an overly broad default permission which allows local users on the host to potentially access the metadata store, the content store and the contents of Kubernetes local volumes. The contents of volumes might include setuid binaries, which could allow a local user on the host to elevate privileges on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/containerd/containerd: containerd local privilege escalation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-25621"
},
{
"category": "external",
"summary": "RHBZ#2413190",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2413190"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-25621",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25621"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-25621"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/blob/main/docs/rootless.md",
"url": "https://github.com/containerd/containerd/blob/main/docs/rootless.md"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5",
"url": "https://github.com/containerd/containerd/commit/7c59e8e9e970d38061a77b586b23655c352bfec5"
},
{
"category": "external",
"summary": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w",
"url": "https://github.com/containerd/containerd/security/advisories/GHSA-pwhc-rpq9-4c8w"
}
],
"release_date": "2025-11-06T18:36:21.566000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "The system administrator on the host can manually chmod the directories to not\nhave group or world accessible permissions:\n```\nchmod 700 /var/lib/containerd\nchmod 700 /run/containerd/io.containerd.grpc.v1.cri\nchmod 700 /run/containerd/io.containerd.sandbox.controller.v1.shim\n```\nAn alternative mitigation would be to run containerd in rootless mode.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/containerd/containerd: containerd local privilege escalation"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2025-68151",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-08T16:01:04.891768+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2428009"
}
],
"notes": [
{
"category": "description",
"text": "Multiple CoreDNS server implementations (gRPC, HTTPS, and HTTP/3) lack critical resource-limiting controls. An unauthenticated remote attacker can exhaust memory and degrade or crash the server by opening many concurrent connections, streams, or sending oversized request bodies. The issue is similar in nature to CVE-2025-47950 (QUIC DoS) but affects additional server types that do not enforce connection limits, stream limits, or message size constraints.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68151"
},
{
"category": "external",
"summary": "RHBZ#2428009",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2428009"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68151",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68151"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68151"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/commit/0d8cbb1a6bcb6bc9c1a489865278b8725fa20812",
"url": "https://github.com/coredns/coredns/commit/0d8cbb1a6bcb6bc9c1a489865278b8725fa20812"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/pull/7490",
"url": "https://github.com/coredns/coredns/pull/7490"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-527x-5wrf-22m2",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-527x-5wrf-22m2"
}
],
"release_date": "2026-01-08T15:33:12.711000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/coredns/coredns/core/dnsserver: CoreDNS DoS via unbounded connections and oversized messages"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-26017",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-03-06T16:01:45.971241+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445244"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that uses a chain of plugins. This logical vulnerability allows an attacker to bypass DNS access controls. The issue occurs because security plugins, such as \u0027acl\u0027, are evaluated before the \u0027rewrite\u0027 plugin, creating a Time-of-Check Time-of-Use (TOCTOU) flaw. This flaw enables an attacker to circumvent intended access restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26017"
},
{
"category": "external",
"summary": "RHBZ#2445244",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445244"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26017"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26017"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-c9v3-4pv7-87pr"
}
],
"release_date": "2026-03-06T15:36:15.655000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: DNS access control bypass due to plugin execution order flaw"
},
{
"cve": "CVE-2026-26018",
"cwe": {
"id": "CWE-1241",
"name": "Use of Predictable Algorithm in Random Number Generator"
},
"discovery_date": "2026-03-06T16:01:38.150099+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445242"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that chains plugins. A remote attacker can exploit this flaw by sending specially crafted DNS queries. This vulnerability exists in CoreDNS\u0027s loop detection plugin due to the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name. Successful exploitation can lead to a denial of service (DoS) by crashing the DNS server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-26018"
},
{
"category": "external",
"summary": "RHBZ#2445242",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445242"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-26018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-26018"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-26018"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.2",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.2"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-h75p-j8xm-m278"
}
],
"release_date": "2026-03-06T15:35:50.801000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Denial of Service vulnerability due to predictable pseudo-random number generation"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32936",
"cwe": {
"id": "CWE-1284",
"name": "Improper Validation of Specified Quantity in Input"
},
"discovery_date": "2026-05-05T20:01:52.218439+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466869"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS, a DNS server that chains plugins. A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending oversized DNS-over-HTTPS (DoH) GET requests. The GET path, unlike the POST path, lacks size validation before processing large `dns=` query parameter values. This can lead to high CPU usage, significant memory allocations, and increased garbage collection, resulting in a Denial of Service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Denial of Service via oversized DNS-over-HTTPS GET requests",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32936"
},
{
"category": "external",
"summary": "RHBZ#2466869",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466869"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32936",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32936"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32936",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32936"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/releases/tag/v1.14.3",
"url": "https://github.com/coredns/coredns/releases/tag/v1.14.3"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-63cw-r7xf-jmwr",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-63cw-r7xf-jmwr"
}
],
"release_date": "2026-05-05T19:07:51.926000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Denial of Service via oversized DNS-over-HTTPS GET requests"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
},
{
"cve": "CVE-2026-35579",
"cwe": {
"id": "CWE-303",
"name": "Incorrect Implementation of Authentication Algorithm"
},
"discovery_date": "2026-05-05T21:01:06.423844+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2466905"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in CoreDNS. An unauthenticated network attacker can exploit incorrect handling of TSIG (Transaction Signature) authentication in the gRPC, QUIC, DoH (DNS over HTTPS), and DoH3 transport implementations. This vulnerability allows an attacker to bypass TSIG protection, leading to unauthorized access to functionalities such as zone transfers and dynamic DNS updates. For DoH and DoH3, the issue is more severe as any request with a TSIG record is treated as authenticated, even with an invalid key.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/coredns/coredns: CoreDNS: Authentication bypass allows unauthorized access to TSIG-protected functionalities",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"known_not_affected": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-35579"
},
{
"category": "external",
"summary": "RHBZ#2466905",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2466905"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-35579",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-35579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-35579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35579"
},
{
"category": "external",
"summary": "https://github.com/coredns/coredns/security/advisories/GHSA-vp29-5652-4fw9",
"url": "https://github.com/coredns/coredns/security/advisories/GHSA-vp29-5652-4fw9"
}
],
"release_date": "2026-05-05T20:29:16.903000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-10T20:51:55+00:00",
"details": "For release note details, see the upstream Submariner release notes:\n\nhttps://submariner.io/community/releases/\n\nDownstream-specific issues resolved:\n* ACM-27238\n* ACM-28294\n* ACM-28295\n* ACM-28311\n* ACM-28313\n* ACM-28314\n* ACM-28315\n* ACM-28316\n* ACM-28329\n* ACM-28331\n* ACM-28333\n* ACM-28335\n* ACM-28337\n* ACM-28339\n* ACM-28342\n* ACM-29317\n* ACM-29511\n* ACM-29613\n* ACM-29614\n* ACM-29631\n* ACM-29632\n* ACM-29633\n* ACM-29634\n* ACM-29776\n* ACM-30134\n* ACM-30726\n* ACM-30727\n* ACM-30728\n* ACM-30729\n* ACM-30970\n* ACM-31136\n* ACM-31831\n* ACM-31840\n* ACM-32575\n* ACM-32842\n* ACM-34108\n* ACM-34586\n* ACM-34589\n\nFor more details, see the Red Hat Advanced Cluster Management for Kubernetes documentation:\n\nhttps://docs.redhat.com/documentation/en-us/red_hat_advanced_cluster_management_for_kubernetes/2.14/",
"product_ids": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:0cbb0970c438efa6f7da80f8628b76550d8986d7f73b4f00e5c929d766472d7b_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:6aaeb062ada48648fd880cc1094180a2fa2b0bb3e9bbd9b0bcbe9a833c7f7208_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:bbe086814cc2fe9e53699ff23705479b493a62f9521b5f2664fcdb97dd5705a9_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-agent-rhel9@sha256:eac6affcb33fec57b7c3018346aa26759326b49264973b5c9a01d1a7c18285fc_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:84ea010ee8369be60c67bb28c831897583c5d23055c902c5e68be70729d80b73_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e688af48ddf8d59c39e64b4c38e72fc2d6f06f28ab3732703d1c1664d91bdad7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:e802f821ed0cc9f6f026a0385681e9e8b0daad39b6e7ea75e7c99f3df28e4e44_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/lighthouse-coredns-rhel9@sha256:eee8da5b239e8a1cb5dc52e6ab514eebe159977afe842a0f7035732701a6f87a_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:5b036c08592fc679e4a158d58e2077929d07eb62825d94fd55afeedaa831d154_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:80e8f73158f4300a85f94c84a4e71fd6c0d4ce9553380c623f156b137497dc5c_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:831c2d010a7f93da6c7f803c464171e3b14c2fe15779e3d2b0829f8d0f4e2285_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/nettest-rhel9@sha256:f928393188edf404a004d4a692c8b633bd9c3ea4c8cabd5a9441c82d482c84a9_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5455803b15f596679c80af65bc7e4d600d68bffcdfba6701444ff5da039f5bb2_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:5e1d6eea31cf8b7a3e5d1c94af072c81f1be1da47122938a2eeec7acd6e778c7_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:a154b2b05fe49a472506ed9f211693057361b9a58b0fa6477afb7abbba9e9e54_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/subctl-rhel9@sha256:cac1a0a0a72004f64edb104385d2c0683a15401c8970777a2db2978b4fa32d33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:157ec65b5967f65026b2e6c8d688fa734dbd8d2b056960b43d2ee9672979d120_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:2629fcf4d38774d9d4fa5bb72bb664982b32b8b8e1018a36d6bfd0b05a16a1c9_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:5118901bb1b8336f1a99f8757a32d61070fde1b4a26e40b7282aae81ae0b741d_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-gateway-rhel9@sha256:7314924a015ddfc1dde55dd4991b9b3df8e8a279c3ce354d9d86ae66adfa46da_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:2d6f324a2f853471f3697da356db792ea9203939c4a12c02040c4cf62bbb9fb1_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:a7f2ac46b1edce62e4a8707e940a3813016b6a7c7ee11225700c792bc449ee33_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:be69bc672cabbced9e23829820685b30183bae1910a8af9fed5c1eff3a11aca3_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-globalnet-rhel9@sha256:ed6fa4602b7d1f175e8df0601be5b2c3e8ea9d906dc9cd2fd8a5ab76eea97175_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-operator-bundle@sha256:5b64e063acaeec1bae4ef902f3b482b47d85c0964e944e53663cff73f530a701_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:01a082229dbfbfee20345e1ccff5c8ac3ac3bd727a666d29221f465b43701133_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:100e10f6c2959526a2335d81d99c6887b16a29bd59e005e519140206d0ce73ed_ppc64le",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:2f772da0e95d6690c14966eaf7bb097a0c567a7077b93eb61d8bbcc552be4d1b_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-rhel9-operator@sha256:60c2e8e50cec20d1c78df0629256403d667ea47989aa3c30c696e76ce5e264e4_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:30dfcfaaf77a270fbcec02e53c013af5570a65334ef666cd77c9bef0a54d3418_s390x",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:5a97cf1a1723932e74bb1fc4fc410df0d78dd3035203cd7684bc3d6485d6f2e5_amd64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:83a6d00f217f3e9000d6e6cba602d52b65922290dbb0dcdae8ee12b1c8b383c1_arm64",
"Red Hat Advanced Cluster Management for Kubernetes 2.14:registry.redhat.io/rhacm2/submariner-route-agent-rhel9@sha256:c52a0fb2364483a9c23763e76bfeae9923a9ae3d35e646012c528f7cc46bcdc1_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/coredns/coredns: CoreDNS: Authentication bypass allows unauthorized access to TSIG-protected functionalities"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…