Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-61726 (GCVE-0-2025-61726)
Vulnerability from cvelistv5 – Published: 2026-01-28 19:30 – Updated: 2026-06-30 12:06
VLAI
EPSS
Title
Memory exhaustion in query parameter parsing in net/url
Summary
The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
270 references
Impacted products
169 products
| Vendor | Product | Version | |
|---|---|---|---|
| Go standard library | net/url |
Affected:
0 , < 1.24.12
(semver)
Affected: 1.25.0 , < 1.25.6 (semver) |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 10 |
cpe:/a:redhat:ansible_automation_platform:2.6::el10 cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10 |
|
| Red Hat | Red Hat Enterprise Linux Server (v. 7 ELS) |
cpe:/o:redhat:rhel_els:7 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 8 |
cpe:/a:redhat:ansible_automation_platform:2.4::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 8 |
cpe:/a:redhat:ansible_automation_platform:2.5::el8 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.12 |
cpe:/a:redhat:openshift:4.12::el8 cpe:/a:redhat:openshift:4.12::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.13 |
cpe:/a:redhat:openshift:4.13::el8 cpe:/a:redhat:openshift:4.13::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.16 |
cpe:/a:redhat:openshift:4.16::el8 cpe:/a:redhat:openshift:4.16::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.17 |
cpe:/a:redhat:openshift:4.17::el8 cpe:/a:redhat:openshift:4.17::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.18 |
cpe:/a:redhat:openshift:4.18::el8 cpe:/a:redhat:openshift:4.18::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.4 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.4::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.5 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.5::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 for RHEL 9 |
cpe:/a:redhat:ansible_automation_platform:2.6::el9 cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9 cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | Red Hat OpenStack Platform 17.1 |
cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:openstack:17.1::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.19 |
cpe:/a:redhat:openshift:4.19::el8 cpe:/a:redhat:openshift:4.19::el9 |
|
| Red Hat | Red Hat Satellite 6.18 for RHEL 9 |
cpe:/a:redhat:satellite:6.18::el9 cpe:/a:redhat:satellite_capsule:6.18::el9 cpe:/a:redhat:satellite_utils:6.18::el9 |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 10) |
cpe:/o:redhat:enterprise_linux:10.1 cpe:/o:redhat:enterprise_linux:10.2 |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 8) |
cpe:/a:redhat:enterprise_linux:8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v. 8.2) |
cpe:/a:redhat:rhel_aus:8.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v.8.4) |
cpe:/a:redhat:rhel_aus:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4) |
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream AUS (v.8.6) |
cpe:/a:redhat:rhel_aus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.8.6) |
cpe:/a:redhat:rhel_e4s:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream TUS (v.8.6) |
cpe:/a:redhat:rhel_tus:8.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.8.8) |
cpe:/a:redhat:rhel_e4s:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream TUS (v.8.8) |
cpe:/a:redhat:rhel_tus:8.8::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.0) |
cpe:/a:redhat:rhel_e4s:9.0::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream E4S (v.9.2) |
cpe:/a:redhat:rhel_e4s:9.2::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::appstream |
|
| Red Hat | Red Hat Enterprise Linux AppStream (v. 9) |
cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0) |
cpe:/o:redhat:enterprise_linux_eus:10.0 |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 10) |
cpe:/o:redhat:enterprise_linux:10.1 |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.4) |
cpe:/a:redhat:rhel_eus:9.4::crb |
|
| Red Hat | Red Hat CodeReady Linux Builder EUS (v.9.6) |
cpe:/a:redhat:rhel_eus:9.6::crb |
|
| Red Hat | Red Hat Enterprise Linux CodeReady Linux Builder (v. 9) |
cpe:/a:redhat:enterprise_linux:9::crb |
|
| Red Hat | Cert Manager support for Red Hat OpenShift release 1.17 |
cpe:/a:redhat:cert_manager:1.17::el9 |
|
| Red Hat | Custom Metric Autoscaler 2.19 |
cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9 |
|
| Red Hat | DevWorkspace Operator 0.4 |
cpe:/a:redhat:devworkspace:0.40::el9 |
|
| Red Hat | HawtIO HawtIO 4.3.1 |
cpe:/a:redhat:apache_camel_hawtio:4.3::el9 |
|
| Red Hat | HawtIO HawtIO 4.4.0 |
cpe:/a:redhat:apache_camel_hawtio:4.4::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.0 |
cpe:/a:redhat:logging:6.0::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.2 |
cpe:/a:redhat:logging:6.2::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.3 |
cpe:/a:redhat:logging:6.3::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift 6.4 |
cpe:/a:redhat:logging:6.4::el9 |
|
| Red Hat | Multicluster Global Hub 1.4.5 |
cpe:/a:redhat:multicluster_globalhub:1.4::el9 |
|
| Red Hat | Multicluster Global Hub 1.5.4 |
cpe:/a:redhat:multicluster_globalhub:1.5::el9 |
|
| Red Hat | Multicluster Global Hub 1.6.2 |
cpe:/a:redhat:multicluster_globalhub:1.6::el9 |
|
| Red Hat | Network Observability (NETOBSERV) 1.11.2 |
cpe:/a:redhat:network_observ_optr:1.11::el9 |
|
| Red Hat | OpenShift API for Data Protection 1.4 |
cpe:/a:redhat:openshift_api_data_protection:1.4::el9 |
|
| Red Hat | OpenShift API for Data Protection 1.5 |
cpe:/a:redhat:openshift_api_data_protection:1.5::el9 |
|
| Red Hat | OpenShift Compliance Operator 1 |
cpe:/a:redhat:openshift_compliance_operator:1::el9 |
|
| Red Hat | OpenShift Developer Tools and Services 1.6.2 |
cpe:/a:redhat:source_to_image:1.6::el8 |
|
| Red Hat | OpenShift File Integrity Operator - FIO 1 |
cpe:/a:redhat:openshift_file_integrity_operator:1::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.13 |
cpe:/a:redhat:acm:2.13::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.14 |
cpe:/a:redhat:acm:2.14::el9 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2.15 |
cpe:/a:redhat:acm:2.15::el9 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.8 |
cpe:/a:redhat:advanced_cluster_security:4.8::el8 |
|
| Red Hat | Red Hat Advanced Cluster Security for Kubernetes 4.9 |
cpe:/a:redhat:advanced_cluster_security:4.9::el8 |
|
| Red Hat | Red Hat Ansible Automation Platform 2.6 |
cpe:/a:redhat:ansible_automation_platform:2.6::el9 |
|
| Red Hat | Red Hat Developer Hub 1.8 |
cpe:/a:redhat:rhdh:1.8::el9 |
|
| Red Hat | Red Hat Hardened Images |
cpe:/a:redhat:hummingbird:1 |
|
| Red Hat | Red Hat Lightspeed (formerly Insights) for Runtimes 1 |
cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.16 |
cpe:/a:redhat:openshift_ai:2.16::el8 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift AI 3.3 |
cpe:/a:redhat:openshift_ai:3.3::el9 |
|
| Red Hat | Red Hat OpenShift Builds 1.6.5 |
cpe:/a:redhat:openshift_builds:1.6::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.14 |
cpe:/a:redhat:openshift:4.14::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.15 |
cpe:/a:redhat:openshift:4.15::el9 |
|
| Red Hat | Red Hat OpenShift Container Platform 4.20 |
cpe:/a:redhat:openshift:4.20::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces (RHOSDS) 3.26 |
cpe:/a:redhat:openshift_devspaces:3.26::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.27 |
cpe:/a:redhat:openshift_devspaces:3.27::el9 |
|
| Red Hat | Red Hat OpenShift GitOps 1.17 |
cpe:/a:redhat:openshift_gitops:1.17::el8 |
|
| Red Hat | Red Hat OpenShift GitOps 1.18 |
cpe:/a:redhat:openshift_gitops:1.18::el8 |
|
| Red Hat | Red Hat OpenShift GitOps 1.19 |
cpe:/a:redhat:openshift_gitops:1.19::el8 |
|
| Red Hat | Red Hat OpenShift Service Mesh 2.6 |
cpe:/a:redhat:service_mesh:2.6::el8 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.0 |
cpe:/a:redhat:service_mesh:3.0::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.1 |
cpe:/a:redhat:service_mesh:3.1::el9 |
|
| Red Hat | Red Hat OpenShift Service Mesh 3.2 |
cpe:/a:redhat:service_mesh:3.2::el9 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3.9.3 |
cpe:/a:redhat:openshift_distributed_tracing:3.9::el9 |
|
| Red Hat | Red Hat OpenStack Services on OpenShift 18 |
cpe:/a:redhat:openstack:18.0::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.18 |
cpe:/a:redhat:openshift_data_foundation:4.18::el9 |
|
| Red Hat | Red Hat Openshift Data Foundation 4.19 |
cpe:/a:redhat:openshift_data_foundation:4.19::el9 |
|
| Red Hat | Red Hat Quay 3.12 |
cpe:/a:redhat:quay:3.12::el8 |
|
| Red Hat | Red Hat Quay 3.14 |
cpe:/a:redhat:quay:3.14::el8 |
|
| Red Hat | Red Hat Quay 3.15 |
cpe:/a:redhat:quay:3.15::el8 |
|
| Red Hat | Red Hat Quay 3.16 |
cpe:/a:redhat:quay:3.16::el9 |
|
| Red Hat | Red Hat Quay 3.1 |
cpe:/a:redhat:quay:3.10::el8 |
|
| Red Hat | Red Hat Quay 3.9 |
cpe:/a:redhat:quay:3.9::el8 |
|
| Red Hat | Red Hat Satellite 6.18 |
cpe:/a:redhat:satellite:6.18::el9 |
|
| Red Hat | Red Hat Trusted Artifact Signer 1.3 |
cpe:/a:redhat:trusted_artifact_signer:1.3::el9 |
|
| Red Hat | Red Hat Update Infrastructure 5 |
cpe:/a:redhat:rhui:5::el9 |
|
| Red Hat | Red Hat Web Terminal 1.11 |
cpe:/a:redhat:webterminal:1.11::el9 |
|
| Red Hat | Red Hat Web Terminal 1.12 |
cpe:/a:redhat:webterminal:1.12::el9 |
|
| Red Hat | Red Hat Web Terminal 1.13 |
cpe:/a:redhat:webterminal:1.13::el9 |
|
| Red Hat | Red Hat Web Terminal 1.14 |
cpe:/a:redhat:webterminal:1.14::el9 |
|
| Red Hat | Red Hat Web Terminal 1.15 |
cpe:/a:redhat:webterminal:1.15::el9 |
|
| Red Hat | Streams for Apache Kafka 3.2.0 |
cpe:/a:redhat:amq_streams:3.2::el9 |
|
| Red Hat | Zero Trust Workload Identity Manager 1 |
cpe:/a:redhat:zero_trust_workload_identity_manager:1.0::el9 |
|
| Red Hat | mirror registry for Red Hat OpenShift 2.0 |
cpe:/a:redhat:mirror_registry:2.0::el8 |
|
| Red Hat | multicluster engine for Kubernetes 2.10 |
cpe:/a:redhat:multicluster_engine:2.10::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.6 |
cpe:/a:redhat:multicluster_engine:2.6::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.7 |
cpe:/a:redhat:multicluster_engine:2.7::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.8 |
cpe:/a:redhat:multicluster_engine:2.8::el9 |
|
| Red Hat | multicluster engine for Kubernetes 2.9 |
cpe:/a:redhat:multicluster_engine:2.9::el9 |
|
| Red Hat | Assisted Installer for Red Hat OpenShift Container Platform 2 |
cpe:/a:redhat:assisted_installer:2 |
|
| Red Hat | cert-manager Operator for Red Hat OpenShift |
cpe:/a:redhat:cert_manager:1 |
|
| Red Hat | Confidential Compute Attestation |
cpe:/a:redhat:confidential_compute_attestation:1 |
|
| Red Hat | Cryostat 4 |
cpe:/a:redhat:cryostat:4 |
|
| Red Hat | Custom Metric Autoscaler operator for Red Hat Openshift |
cpe:/a:redhat:openshift_custom_metrics_autoscaler:2 |
|
| Red Hat | Deployment Validation Operator |
cpe:/a:redhat:deployment_validator_operator |
|
| Red Hat | External Secrets Operator for Red Hat OpenShift |
cpe:/a:redhat:external_secrets_operator:1 |
|
| Red Hat | ExternalDNS Operator |
cpe:/a:redhat:ext_dns_optr:1 |
|
| Red Hat | Fence Agents Remediation Operator |
cpe:/a:redhat:workload_availability_far:0 |
|
| Red Hat | File Integrity Operator |
cpe:/a:redhat:openshift_file_integrity_operator:1 |
|
| Red Hat | Gatekeeper 3 |
cpe:/a:redhat:gatekeeper:3 |
|
| Red Hat | Logical Volume Manager Storage |
cpe:/a:redhat:lvms:4 |
|
| Red Hat | Machine Deletion Remediation Operator |
cpe:/a:redhat:workload_availability_mdr:0 |
|
| Red Hat | Migration Toolkit for Applications 8 |
cpe:/a:redhat:migration_toolkit_applications:8 |
|
| Red Hat | Migration Toolkit for Containers |
cpe:/a:redhat:rhmt:1 |
|
| Red Hat | mirror registry for Red Hat OpenShift |
cpe:/a:redhat:mirror_registry:1 |
|
| Red Hat | Multiarch Tuning Operator |
cpe:/a:redhat:multiarch_tuning_operator |
|
| Red Hat | Multicluster Engine for Kubernetes |
cpe:/a:redhat:multicluster_engine |
|
| Red Hat | Node HealthCheck Operator |
cpe:/a:redhat:workload_availability_nhc:0 |
|
| Red Hat | Node Maintenance Operator |
cpe:/a:redhat:workload_availability_nmo:5 |
|
| Red Hat | OpenShift API for Data Protection |
cpe:/a:redhat:openshift_api_data_protection:1 |
|
| Red Hat | OpenShift Developer Tools and Services |
cpe:/a:redhat:ocp_tools |
|
| Red Hat | OpenShift Lightspeed |
cpe:/a:redhat:openshift_lightspeed |
|
| Red Hat | OpenShift Pipelines |
cpe:/a:redhat:openshift_pipelines:1 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | OpenShift Service Mesh 2 |
cpe:/a:redhat:service_mesh:2 |
|
| Red Hat | OpenShift Service Mesh 3 |
cpe:/a:redhat:service_mesh:3 |
|
| Red Hat | Red Hat 3scale API Management Platform 2 |
cpe:/a:redhat:red_hat_3scale_amp:2 |
|
| Red Hat | Red Hat Advanced Cluster Management for Kubernetes 2 |
cpe:/a:redhat:acm:2 |
|
| Red Hat | Red Hat AMQ Clients |
cpe:/a:redhat:amq_clients:2023 |
|
| Red Hat | Red Hat Ansible Automation Platform 2 |
cpe:/a:redhat:ansible_automation_platform:2 |
|
| Red Hat | Red Hat Ceph Storage 5 |
cpe:/a:redhat:ceph_storage:5 |
|
| Red Hat | Red Hat Ceph Storage 6 |
cpe:/a:redhat:ceph_storage:6 |
|
| Red Hat | Red Hat Ceph Storage 7 |
cpe:/a:redhat:ceph_storage:7 |
|
| Red Hat | Red Hat Ceph Storage 8 |
cpe:/a:redhat:ceph_storage:8 |
|
| Red Hat | Red Hat Certification Program for Red Hat Enterprise Linux 9 |
cpe:/a:redhat:certifications:9 |
|
| Red Hat | Red Hat Connectivity Link 1 |
cpe:/a:redhat:connectivity_link:1 |
|
| Red Hat | Red Hat Edge Manager 1 |
cpe:/a:redhat:edge_manager:1 |
|
| Red Hat | Red Hat Enterprise Linux 10 |
cpe:/o:redhat:enterprise_linux:10 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat OpenShift Cluster Manager CLI |
cpe:/a:redhat:openshift_cluster_manager_cli:1 |
|
| Red Hat | Red Hat OpenShift Container Platform 4 |
cpe:/a:redhat:openshift:4 |
|
| Red Hat | Red Hat OpenShift distributed tracing 3 |
cpe:/a:redhat:openshift_distributed_tracing:3 |
|
| Red Hat | Red Hat OpenShift for Windows Containers |
cpe:/a:redhat:windows_machine_config |
|
| Red Hat | Red Hat OpenShift on AWS |
cpe:/a:redhat:openshift_service_on_aws:1 |
|
| Red Hat | Red Hat OpenShift Virtualization 4 |
cpe:/a:redhat:container_native_virtualization:4 |
|
| Red Hat | Red Hat OpenStack Platform 16.2 |
cpe:/a:redhat:openstack:16.2 |
|
| Red Hat | Red Hat OpenStack Platform 18.0 |
cpe:/a:redhat:openstack:18.0 |
|
| Red Hat | Red Hat Quay 3 |
cpe:/a:redhat:quay:3 |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | Red Hat Service Interconnect 1 |
cpe:/a:redhat:service_interconnect:1 |
|
| Red Hat | Red Hat Service Interconnect 2 |
cpe:/a:redhat:service_interconnect:2 |
|
| Red Hat | Zero Trust Workload Identity Manager - Tech Preview |
cpe:/a:redhat:zero_trust_workload_identity_manager:0 |
|
| Red Hat | Ironic content for Red Hat OpenShift Container Platform 4.17 |
cpe:/a:redhat:openshift_ironic:4.17::el9 |
|
| Red Hat | Ironic content for Red Hat OpenShift Container Platform 4.18 |
cpe:/a:redhat:openshift_ironic:4.18::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | Power monitoring for Red Hat OpenShift |
cpe:/a:redhat:openshift_power_monitoring |
|
| Red Hat | Red Hat OpenShift Dev Spaces |
cpe:/a:redhat:openshift_devspaces:3 |
|
| Red Hat | Zero Trust Workload Identity Manager |
cpe:/a:redhat:zero_trust_workload_identity_manager:1 |
Credits
jub0bs
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-61726",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-29T18:31:39.150633Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-01-29T18:31:59.685Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el10",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:rhel_els:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux Server (v. 7 ELS)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.12::el8",
"cpe:/a:redhat:openshift:4.12::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.13::el8",
"cpe:/a:redhat:openshift:4.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.16::el8",
"cpe:/a:redhat:openshift:4.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.17::el8",
"cpe:/a:redhat:openshift:4.17::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.18::el8",
"cpe:/a:redhat:openshift:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9",
"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:17.1",
"cpe:/a:redhat:openstack:17.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 17.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.19::el8",
"cpe:/a:redhat:openshift:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9",
"cpe:/a:redhat:satellite_capsule:6.18::el9",
"cpe:/a:redhat:satellite_utils:6.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.18 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1",
"cpe:/o:redhat:enterprise_linux:10.2"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_aus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream AUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_tus:8.8::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream TUS (v.8.8)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.0::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_e4s:9.2::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream E4S (v.9.2)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AppStream (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux_eus:10.0"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10.1"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.4::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.4)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhel_eus:9.6::crb"
],
"defaultStatus": "affected",
"product": "Red Hat CodeReady Linux Builder EUS (v.9.6)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux:9::crb"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1.17::el9"
],
"defaultStatus": "affected",
"product": "Cert Manager support for Red Hat OpenShift release 1.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
],
"defaultStatus": "affected",
"product": "Custom Metric Autoscaler 2.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:devworkspace:0.40::el9"
],
"defaultStatus": "affected",
"product": "DevWorkspace Operator 0.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4.3::el9"
],
"defaultStatus": "affected",
"product": "HawtIO HawtIO 4.3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4.4::el9"
],
"defaultStatus": "affected",
"product": "HawtIO HawtIO 4.4.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.0::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.2::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.3::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:6.4::el9"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift 6.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.4::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.4.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.5::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.5.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_globalhub:1.6::el9"
],
"defaultStatus": "affected",
"product": "Multicluster Global Hub 1.6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:network_observ_optr:1.11::el9"
],
"defaultStatus": "affected",
"product": "Network Observability (NETOBSERV) 1.11.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.4::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1.5::el9"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection 1.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_compliance_operator:1::el9"
],
"defaultStatus": "affected",
"product": "OpenShift Compliance Operator 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:source_to_image:1.6::el8"
],
"defaultStatus": "affected",
"product": "OpenShift Developer Tools and Services 1.6.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1::el9"
],
"defaultStatus": "affected",
"product": "OpenShift File Integrity Operator - FIO 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.8::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:advanced_cluster_security:4.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Security for Kubernetes 4.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhdh:1.8::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Developer Hub 1.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:hummingbird:1"
],
"defaultStatus": "affected",
"product": "Red Hat Hardened Images",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Lightspeed (formerly Insights) for Runtimes 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.16::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:3.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 3.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_builds:1.6::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Builds 1.6.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4.20::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4.20",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.26::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.17::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps 1.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.18::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps 1.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_gitops:1.19::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift GitOps 1.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2.6::el8"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3.2::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Service Mesh 3.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift distributed tracing 3.9.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Services on OpenShift 18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.19::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Openshift Data Foundation 4.19",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.12::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.14::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.15::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.16::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.16",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.10::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3.9::el8"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6.18::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:trusted_artifact_signer:1.3::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Trusted Artifact Signer 1.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhui:5::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Update Infrastructure 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.11::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.11",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.12::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.12",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.13::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.13",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.14::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:webterminal:1.15::el9"
],
"defaultStatus": "affected",
"product": "Red Hat Web Terminal 1.15",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3.2::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 3.2.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1.0::el9"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:mirror_registry:2.0::el8"
],
"defaultStatus": "affected",
"product": "mirror registry for Red Hat OpenShift 2.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.10::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.6::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.7::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.8::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine:2.9::el9"
],
"defaultStatus": "affected",
"product": "multicluster engine for Kubernetes 2.9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:assisted_installer:2"
],
"defaultStatus": "affected",
"product": "Assisted Installer for Red Hat OpenShift Container Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cert_manager:1"
],
"defaultStatus": "affected",
"product": "cert-manager Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:confidential_compute_attestation:1"
],
"defaultStatus": "affected",
"product": "Confidential Compute Attestation",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4"
],
"defaultStatus": "affected",
"product": "Cryostat 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
],
"defaultStatus": "affected",
"product": "Custom Metric Autoscaler operator for Red Hat Openshift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:deployment_validator_operator"
],
"defaultStatus": "affected",
"product": "Deployment Validation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:external_secrets_operator:1"
],
"defaultStatus": "affected",
"product": "External Secrets Operator for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ext_dns_optr:1"
],
"defaultStatus": "affected",
"product": "ExternalDNS Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_far:0"
],
"defaultStatus": "affected",
"product": "Fence Agents Remediation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_file_integrity_operator:1"
],
"defaultStatus": "affected",
"product": "File Integrity Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:gatekeeper:3"
],
"defaultStatus": "affected",
"product": "Gatekeeper 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:lvms:4"
],
"defaultStatus": "affected",
"product": "Logical Volume Manager Storage",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_mdr:0"
],
"defaultStatus": "affected",
"product": "Machine Deletion Remediation Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:migration_toolkit_applications:8"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Applications 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:rhmt:1"
],
"defaultStatus": "affected",
"product": "Migration Toolkit for Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:mirror_registry:1"
],
"defaultStatus": "affected",
"product": "mirror registry for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multiarch_tuning_operator"
],
"defaultStatus": "affected",
"product": "Multiarch Tuning Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:multicluster_engine"
],
"defaultStatus": "affected",
"product": "Multicluster Engine for Kubernetes",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_nhc:0"
],
"defaultStatus": "affected",
"product": "Node HealthCheck Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:workload_availability_nmo:5"
],
"defaultStatus": "affected",
"product": "Node Maintenance Operator",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_api_data_protection:1"
],
"defaultStatus": "affected",
"product": "OpenShift API for Data Protection",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ocp_tools"
],
"defaultStatus": "affected",
"product": "OpenShift Developer Tools and Services",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_lightspeed"
],
"defaultStatus": "affected",
"product": "OpenShift Lightspeed",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_pipelines:1"
],
"defaultStatus": "affected",
"product": "OpenShift Pipelines",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:2"
],
"defaultStatus": "affected",
"product": "OpenShift Service Mesh 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_mesh:3"
],
"defaultStatus": "affected",
"product": "OpenShift Service Mesh 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_3scale_amp:2"
],
"defaultStatus": "affected",
"product": "Red Hat 3scale API Management Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:acm:2"
],
"defaultStatus": "affected",
"product": "Red Hat Advanced Cluster Management for Kubernetes 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ansible_automation_platform:2"
],
"defaultStatus": "affected",
"product": "Red Hat Ansible Automation Platform 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:5"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:6"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:7"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:ceph_storage:8"
],
"defaultStatus": "affected",
"product": "Red Hat Ceph Storage 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:certifications:9"
],
"defaultStatus": "affected",
"product": "Red Hat Certification Program for Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:connectivity_link:1"
],
"defaultStatus": "affected",
"product": "Red Hat Connectivity Link 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:edge_manager:1"
],
"defaultStatus": "affected",
"product": "Red Hat Edge Manager 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:10"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 10",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_cluster_manager_cli:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Cluster Manager CLI",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Container Platform 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_distributed_tracing:3"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift distributed tracing 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:windows_machine_config"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift for Windows Containers",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_service_on_aws:1"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift on AWS",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:container_native_virtualization:4"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Virtualization 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:16.2"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 16.2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openstack:18.0"
],
"defaultStatus": "affected",
"product": "Red Hat OpenStack Platform 18.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quay:3"
],
"defaultStatus": "affected",
"product": "Red Hat Quay 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "affected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:1"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_interconnect:2"
],
"defaultStatus": "affected",
"product": "Red Hat Service Interconnect 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:0"
],
"defaultStatus": "affected",
"product": "Zero Trust Workload Identity Manager - Tech Preview",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ironic:4.17::el9"
],
"defaultStatus": "unaffected",
"product": "Ironic content for Red Hat OpenShift Container Platform 4.17",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ironic:4.18::el9"
],
"defaultStatus": "unaffected",
"product": "Ironic content for Red Hat OpenShift Container Platform 4.18",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "unaffected",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_power_monitoring"
],
"defaultStatus": "unaffected",
"product": "Power monitoring for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3"
],
"defaultStatus": "unaffected",
"product": "Red Hat OpenShift Dev Spaces",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:zero_trust_workload_identity_manager:1"
],
"defaultStatus": "unaffected",
"product": "Zero Trust Workload Identity Manager",
"vendor": "Red Hat"
}
],
"datePublic": "2026-01-28T19:30:31.215Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-30T12:06:15.501Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"name": "RHBZ#2434432",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-61726.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3958"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7676"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4460"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3959"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6278"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10096"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3416"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17595"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3875"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17446"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6277"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3186"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3391"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5968"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14868"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3843"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4166"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3813"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3192"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3977"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3831"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3816"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17084"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4256"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5852"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17040"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4907"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3970"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16696"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3506"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3699"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3297"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3864"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4164"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3669"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2706"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2914"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3035"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3840"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3092"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4174"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3752"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3336"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4892"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3971"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3343"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5146"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5145"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19013"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22937"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22450"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19132"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4672"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2708"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3985"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3188"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3187"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3898"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4952"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3468"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3841"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3470"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3973"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3879"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3815"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5461"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5030"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19634"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3489"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3972"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3880"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3812"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5853"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5031"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3471"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3974"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3838"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3821"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4753"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5022"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:16102"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3932"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3473"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3854"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3822"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5533"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5079"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25252"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25251"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3931"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3472"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3836"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3820"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5327"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25248"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5076"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25253"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25250"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12030"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12032"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3930"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3469"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3835"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3818"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12033"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4267"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4211"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12028"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5078"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12031"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12029"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11749"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9109"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3929"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3814"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3193"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3833"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3817"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9108"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4264"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5544"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7854"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5077"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9097"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9098"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3298"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3341"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3928"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3668"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2709"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2920"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3040"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3839"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4177"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3753"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3337"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4901"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3291"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3340"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18913"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23228"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22714"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5645"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5851"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7942"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25089"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7052"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4500"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4939"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4498"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6429"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5110"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6226"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6428"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6251"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4170"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8433"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4270"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22627"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8229"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:25127"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13548"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8151"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11408"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4466"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4467"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3960"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3089"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7385"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7291"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4220"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5807"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3782"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:24977"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19712"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3713"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5549"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12282"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14100"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21691"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:15091"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14774"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10104"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4510"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4511"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17598"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3905"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3906"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6554"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21657"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4434"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7249"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4435"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:20041"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3855"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3856"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8431"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17468"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6564"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6192"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3869"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3874"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3884"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3559"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8483"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5132"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3556"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5948"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5129"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5950"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5131"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5952"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5130"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3427"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3459"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5394"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11747"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:26420"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:12279"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4942"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:21017"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6568"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6497"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:19375"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:6567"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5665"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:23361"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5168"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:15984"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14879"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5447"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5452"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5439"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4276"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3296"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:3184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5444"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5649"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5463"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:4943"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10250"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10225"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8338"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8337"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8167"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17460"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17463"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:28441"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13542"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:9848"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:5636"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8218"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:11414"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:7676: Red Hat Enterprise Linux Server (v. 7 ELS)"
},
{
"lang": "en",
"value": "RHSA-2026:4460: Red Hat Ansible Automation Platform 2.4 for RHEL 8, Red Hat Ansible Automation Platform 2.4 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:6278: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:26527: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:26541: Red Hat OpenShift Container Platform 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:10096: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:3416: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:17595: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:3875: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:17446: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:6277: Red Hat Ansible Automation Platform 2.6 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:3186: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:28047: Red Hat OpenStack Platform 17.1"
},
{
"lang": "en",
"value": "RHSA-2026:3391: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:14868: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3843: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:4166: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3813: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3192: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3977: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3831: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3816: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:4256: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:5852: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:17040: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:4907: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3970: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:16696: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3506: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3699: Red Hat Enterprise Linux AppStream EUS (v. 10.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3297: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3864: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:4164: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3669: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:2706: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:2914: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3035: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3840: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3092: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:4174: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3752: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3336: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:4892: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3971: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:3343: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:5146: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:5145: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19013: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22937: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:22450: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:19132: Red Hat Enterprise Linux AppStream (v. 10)"
},
{
"lang": "en",
"value": "RHSA-2026:4672: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:2708: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:3985: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:3188: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:3187: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:3898: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:4952: Red Hat Enterprise Linux AppStream (v. 8)"
},
{
"lang": "en",
"value": "RHSA-2026:3468: Red Hat Enterprise Linux AppStream AUS (v. 8.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3841: Red Hat Enterprise Linux AppStream AUS (v. 8.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3470: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3973: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3879: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3815: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:5461: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:5030: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)"
},
{
"lang": "en",
"value": "RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3489: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3972: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3880: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3812: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:5853: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:5031: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3471: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:3974: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:3838: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:3821: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:4753: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:5022: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)"
},
{
"lang": "en",
"value": "RHSA-2026:16102: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3932: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3473: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3854: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:3822: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:5533: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:5079: Red Hat Enterprise Linux AppStream E4S (v.9.0)"
},
{
"lang": "en",
"value": "RHSA-2026:25252: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25251: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3931: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3472: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3836: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:3820: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:5327: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25248: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:5076: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25253: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:25250: Red Hat Enterprise Linux AppStream E4S (v.9.2)"
},
{
"lang": "en",
"value": "RHSA-2026:12030: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12032: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3930: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3469: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3835: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:3818: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12033: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:4267: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:4211: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12028: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:5078: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12031: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:12029: Red Hat Enterprise Linux AppStream EUS (v.9.4)"
},
{
"lang": "en",
"value": "RHSA-2026:11749: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9109: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3929: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3814: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3193: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3833: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3817: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9108: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:4264: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:5544: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:7854: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:5077: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9097: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:9098: Red Hat Enterprise Linux AppStream EUS (v.9.6)"
},
{
"lang": "en",
"value": "RHSA-2026:3298: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3341: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3928: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3668: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:2709: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:2920: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3040: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3839: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:4177: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3753: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3337: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:4901: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3291: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:3340: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:18913: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:23228: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:22714: Red Hat Enterprise Linux AppStream (v. 9)"
},
{
"lang": "en",
"value": "RHSA-2026:5645: Cert Manager support for Red Hat OpenShift release 1.17"
},
{
"lang": "en",
"value": "RHSA-2026:26636: Custom Metric Autoscaler 2.19"
},
{
"lang": "en",
"value": "RHSA-2026:5851: DevWorkspace Operator 0.4"
},
{
"lang": "en",
"value": "RHSA-2026:7942: HawtIO HawtIO 4.3.1"
},
{
"lang": "en",
"value": "RHSA-2026:25089: HawtIO HawtIO 4.4.0"
},
{
"lang": "en",
"value": "RHSA-2026:7052: Logging Subsystem for Red Hat OpenShift 6.0"
},
{
"lang": "en",
"value": "RHSA-2026:4500: Logging Subsystem for Red Hat OpenShift 6.2"
},
{
"lang": "en",
"value": "RHSA-2026:4939: Logging Subsystem for Red Hat OpenShift 6.3"
},
{
"lang": "en",
"value": "RHSA-2026:4498: Logging Subsystem for Red Hat OpenShift 6.4"
},
{
"lang": "en",
"value": "RHSA-2026:6429: Multicluster Global Hub 1.4.5"
},
{
"lang": "en",
"value": "RHSA-2026:5110: Multicluster Global Hub 1.5.4"
},
{
"lang": "en",
"value": "RHSA-2026:6226: Multicluster Global Hub 1.6.2"
},
{
"lang": "en",
"value": "RHSA-2026:6428: Network Observability (NETOBSERV) 1.11.2"
},
{
"lang": "en",
"value": "RHSA-2026:6251: OpenShift API for Data Protection 1.4"
},
{
"lang": "en",
"value": "RHSA-2026:4170: OpenShift API for Data Protection 1.5"
},
{
"lang": "en",
"value": "RHSA-2026:8433: OpenShift Compliance Operator 1"
},
{
"lang": "en",
"value": "RHSA-2026:4270: OpenShift Developer Tools and Services 1.6.2"
},
{
"lang": "en",
"value": "RHSA-2026:22627: OpenShift File Integrity Operator - FIO 1"
},
{
"lang": "en",
"value": "RHSA-2026:8229: Red Hat Advanced Cluster Management for Kubernetes 2.13"
},
{
"lang": "en",
"value": "RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14"
},
{
"lang": "en",
"value": "RHSA-2026:13548: Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"lang": "en",
"value": "RHSA-2026:8151: Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"lang": "en",
"value": "RHSA-2026:11408: Red Hat Advanced Cluster Management for Kubernetes 2.15"
},
{
"lang": "en",
"value": "RHSA-2026:4466: Red Hat Advanced Cluster Security for Kubernetes 4.8"
},
{
"lang": "en",
"value": "RHSA-2026:4467: Red Hat Advanced Cluster Security for Kubernetes 4.9"
},
{
"lang": "en",
"value": "RHSA-2026:3960: Red Hat Ansible Automation Platform 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:3089: Red Hat Developer Hub 1.8"
},
{
"lang": "en",
"value": "RHSA-2026:7385: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:7291: Red Hat Hardened Images"
},
{
"lang": "en",
"value": "RHSA-2026:4220: Red Hat Lightspeed (formerly Insights) for Runtimes 1"
},
{
"lang": "en",
"value": "RHSA-2026:5807: Red Hat OpenShift AI 2.16"
},
{
"lang": "en",
"value": "RHSA-2026:3782: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:24977: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:19712: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:3713: Red Hat OpenShift AI 3.3"
},
{
"lang": "en",
"value": "RHSA-2026:5549: Red Hat OpenShift Builds 1.6.5"
},
{
"lang": "en",
"value": "RHSA-2026:12282: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:14100: Red Hat OpenShift Container Platform 4.12"
},
{
"lang": "en",
"value": "RHSA-2026:21691: Red Hat OpenShift Container Platform 4.13"
},
{
"lang": "en",
"value": "RHSA-2026:15091: Red Hat OpenShift Container Platform 4.14"
},
{
"lang": "en",
"value": "RHSA-2026:14774: Red Hat OpenShift Container Platform 4.15"
},
{
"lang": "en",
"value": "RHSA-2026:10104: Red Hat OpenShift Container Platform 4.16"
},
{
"lang": "en",
"value": "RHSA-2026:4510: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:4511: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:17598: Red Hat OpenShift Container Platform 4.17"
},
{
"lang": "en",
"value": "RHSA-2026:3905: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:3906: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:6554: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:21657: Red Hat OpenShift Container Platform 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:4434: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:7249: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:4435: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:3855: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:3856: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:8431: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:17468: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:6564: Red Hat OpenShift Container Platform 4.20"
},
{
"lang": "en",
"value": "RHSA-2026:2844: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"lang": "en",
"value": "RHSA-2026:6192: Red Hat OpenShift Dev Spaces 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:3869: Red Hat OpenShift GitOps 1.17"
},
{
"lang": "en",
"value": "RHSA-2026:3874: Red Hat OpenShift GitOps 1.18"
},
{
"lang": "en",
"value": "RHSA-2026:3884: Red Hat OpenShift GitOps 1.19"
},
{
"lang": "en",
"value": "RHSA-2026:3559: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:8483: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:5132: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:3556: Red Hat OpenShift Service Mesh 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:5948: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:5129: Red Hat OpenShift Service Mesh 3.0"
},
{
"lang": "en",
"value": "RHSA-2026:5950: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:5131: Red Hat OpenShift Service Mesh 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:5952: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:5130: Red Hat OpenShift Service Mesh 3.2"
},
{
"lang": "en",
"value": "RHSA-2026:3427: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:3459: Red Hat OpenShift distributed tracing 3.9.3"
},
{
"lang": "en",
"value": "RHSA-2026:5394: Red Hat OpenStack Platform 17.1"
},
{
"lang": "en",
"value": "RHSA-2026:11747: Red Hat OpenStack Services on OpenShift 18"
},
{
"lang": "en",
"value": "RHSA-2026:26420: Red Hat Openshift Data Foundation 4.18"
},
{
"lang": "en",
"value": "RHSA-2026:6184: Red Hat Openshift Data Foundation 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:12279: Red Hat Openshift Data Foundation 4.19"
},
{
"lang": "en",
"value": "RHSA-2026:4942: Red Hat Quay 3.12"
},
{
"lang": "en",
"value": "RHSA-2026:21017: Red Hat Quay 3.14"
},
{
"lang": "en",
"value": "RHSA-2026:6568: Red Hat Quay 3.15"
},
{
"lang": "en",
"value": "RHSA-2026:6497: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:19375: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:2681: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:6567: Red Hat Quay 3.16"
},
{
"lang": "en",
"value": "RHSA-2026:5665: Red Hat Quay 3.1"
},
{
"lang": "en",
"value": "RHSA-2026:23361: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:5168: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:2754: Red Hat Quay 3.9"
},
{
"lang": "en",
"value": "RHSA-2026:15984: Red Hat Satellite 6.18"
},
{
"lang": "en",
"value": "RHSA-2026:14879: Red Hat Satellite 6.18"
},
{
"lang": "en",
"value": "RHSA-2026:5447: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:5452: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:5439: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:4276: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:3296: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:3184: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:5444: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:5649: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:5463: Red Hat Trusted Artifact Signer 1.3"
},
{
"lang": "en",
"value": "RHSA-2026:4943: Red Hat Update Infrastructure 5"
},
{
"lang": "en",
"value": "RHSA-2026:10250: Red Hat Web Terminal 1.11"
},
{
"lang": "en",
"value": "RHSA-2026:10225: Red Hat Web Terminal 1.12"
},
{
"lang": "en",
"value": "RHSA-2026:8338: Red Hat Web Terminal 1.13"
},
{
"lang": "en",
"value": "RHSA-2026:8337: Red Hat Web Terminal 1.14"
},
{
"lang": "en",
"value": "RHSA-2026:8167: Red Hat Web Terminal 1.15"
},
{
"lang": "en",
"value": "RHSA-2026:13571: Streams for Apache Kafka 3.2.0"
},
{
"lang": "en",
"value": "RHSA-2026:17460: Zero Trust Workload Identity Manager 1"
},
{
"lang": "en",
"value": "RHSA-2026:17463: Zero Trust Workload Identity Manager 1"
},
{
"lang": "en",
"value": "RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0"
},
{
"lang": "en",
"value": "RHSA-2026:13542: multicluster engine for Kubernetes 2.10"
},
{
"lang": "en",
"value": "RHSA-2026:9848: multicluster engine for Kubernetes 2.6"
},
{
"lang": "en",
"value": "RHSA-2026:5636: multicluster engine for Kubernetes 2.7"
},
{
"lang": "en",
"value": "RHSA-2026:8218: multicluster engine for Kubernetes 2.8"
},
{
"lang": "en",
"value": "RHSA-2026:11414: multicluster engine for Kubernetes 2.9"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-01-28T20:01:42.791Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-01-28T19:30:31.215Z",
"value": "Made public."
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"workarounds": [
{
"lang": "en",
"value": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "net/url",
"product": "net/url",
"programRoutines": [
{
"name": "parseQuery"
},
{
"name": "ParseQuery"
},
{
"name": "URL.Query"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.24.12",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.25.6",
"status": "affected",
"version": "1.25.0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "jub0bs"
}
],
"descriptions": [
{
"lang": "en",
"value": "The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-400: Uncontrolled Resource Consumption",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-28T19:30:31.215Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/736712"
},
{
"url": "https://go.dev/issue/77101"
},
{
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"title": "Memory exhaustion in query parameter parsing in net/url"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2025-61726",
"datePublished": "2026-01-28T19:30:31.215Z",
"dateReserved": "2025-09-30T15:05:03.605Z",
"dateUpdated": "2026-06-30T12:06:15.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-61726",
"date": "2026-06-30",
"epss": "0.01945",
"percentile": "0.77655"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-61726\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2026-01-28T20:16:09.713\",\"lastModified\":\"2026-06-30T03:16:55.083\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.\"},{\"lang\":\"es\",\"value\":\"El paquete net/url no establece un l\u00edmite en el n\u00famero de par\u00e1metros de consulta en una consulta. Si bien el tama\u00f1o m\u00e1ximo de los par\u00e1metros de consulta en las URL generalmente est\u00e1 limitado por el tama\u00f1o m\u00e1ximo de la cabecera de solicitud, el m\u00e9todo net/http.Request.ParseForm puede analizar formularios grandes codificados en URL. Analizar un formulario grande que contiene muchos par\u00e1metros de consulta \u00fanicos puede causar un consumo excesivo de memoria.\"}],\"affected\":[{\"source\":\"security@golang.org\",\"affectedData\":[{\"vendor\":\"Go standard library\",\"product\":\"net/url\",\"defaultStatus\":\"unaffected\",\"collectionURL\":\"https://pkg.go.dev\",\"packageName\":\"net/url\",\"programRoutines\":[{\"name\":\"parseQuery\"},{\"name\":\"ParseQuery\"},{\"name\":\"URL.Query\"}],\"versions\":[{\"version\":\"0\",\"lessThan\":\"1.24.12\",\"versionType\":\"semver\",\"status\":\"affected\"},{\"version\":\"1.25.0\",\"lessThan\":\"1.25.6\",\"versionType\":\"semver\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6 for RHEL 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el10\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux Server (v. 7 ELS)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:rhel_els:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.4 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.4::el8\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.12::el8\",\"cpe:/a:redhat:openshift:4.12::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.13::el8\",\"cpe:/a:redhat:openshift:4.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.16::el8\",\"cpe:/a:redhat:openshift:4.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.17::el8\",\"cpe:/a:redhat:openshift:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.18::el8\",\"cpe:/a:redhat:openshift:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.4 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.4::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.5 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\",\"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9\",\"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 17.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:17.1\",\"cpe:/a:redhat:openstack:17.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.19::el8\",\"cpe:/a:redhat:openshift:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.18 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.18::el9\",\"cpe:/a:redhat:satellite_capsule:6.18::el9\",\"cpe:/a:redhat:satellite_utils:6.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\",\"cpe:/o:redhat:enterprise_linux:10.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v. 8.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v.8.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream AUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_aus:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream TUS (v.8.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_tus:8.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:8.8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream TUS (v.8.8)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_tus:8.8::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream E4S (v.9.2)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AppStream (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::appstream\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux_eus:10.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10.1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.4)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.4::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat CodeReady Linux Builder EUS (v.9.6)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhel_eus:9.6::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux:9::crb\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cert Manager support for Red Hat OpenShift release 1.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Custom Metric Autoscaler 2.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"DevWorkspace Operator 0.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:devworkspace:0.40::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"HawtIO HawtIO 4.3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"HawtIO HawtIO 4.4.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift 6.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:6.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.4.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.5.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Global Hub 1.6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Network Observability (NETOBSERV) 1.11.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:network_observ_optr:1.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection 1.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Compliance Operator 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Developer Tools and Services 1.6.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:source_to_image:1.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift File Integrity Operator - FIO 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_file_integrity_operator:1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.8::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Security for Kubernetes 4.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Developer Hub 1.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhdh:1.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Hardened Images\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:hummingbird:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Lightspeed (formerly Insights) for Runtimes 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.16::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.25\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.25::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 3.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:3.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Builds 1.6.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_builds:1.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4.20\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4.20::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.26::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.27\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps 1.17\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1.17::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps 1.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1.18::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift GitOps 1.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_gitops:1.19::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2.6::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Service Mesh 3.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3.9.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Services on OpenShift 18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Openshift Data Foundation 4.19\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_data_foundation:4.19::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.12::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.14::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.15::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.16\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.16::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.10::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3.9::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6.18\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Trusted Artifact Signer 1.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Update Infrastructure 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhui:5::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.11\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.11::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.12\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.12::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.13\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.13::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.14::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Web Terminal 1.15\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:webterminal:1.15::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Streams for Apache Kafka 3.2.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1.0::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"mirror registry for Red Hat OpenShift 2.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:mirror_registry:2.0::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.10::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.6::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.7::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.8::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"multicluster engine for Kubernetes 2.9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine:2.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Assisted Installer for Red Hat OpenShift Container Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:assisted_installer:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"cert-manager Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cert_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Confidential Compute Attestation\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:confidential_compute_attestation:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Custom Metric Autoscaler operator for Red Hat Openshift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Deployment Validation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:deployment_validator_operator\"]},{\"vendor\":\"Red Hat\",\"product\":\"External Secrets Operator for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:external_secrets_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"ExternalDNS Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ext_dns_optr:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Fence Agents Remediation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_far:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"File Integrity Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_file_integrity_operator:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Gatekeeper 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:gatekeeper:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logical Volume Manager Storage\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:lvms:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Machine Deletion Remediation Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_mdr:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Applications 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:migration_toolkit_applications:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Migration Toolkit for Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:rhmt:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"mirror registry for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:mirror_registry:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multiarch Tuning Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multiarch_tuning_operator\"]},{\"vendor\":\"Red Hat\",\"product\":\"Multicluster Engine for Kubernetes\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:multicluster_engine\"]},{\"vendor\":\"Red Hat\",\"product\":\"Node HealthCheck Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_nhc:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Node Maintenance Operator\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:workload_availability_nmo:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift API for Data Protection\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_api_data_protection:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Developer Tools and Services\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ocp_tools\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Lightspeed\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_lightspeed\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Pipelines\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_pipelines:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Service Mesh 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_mesh:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat 3scale API Management Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:red_hat_3scale_amp:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Advanced Cluster Management for Kubernetes 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:acm:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Clients\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_clients:2023\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ansible Automation Platform 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ansible_automation_platform:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Ceph Storage 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:ceph_storage:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Certification Program for Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:certifications:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Connectivity Link 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:connectivity_link:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Edge Manager 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:edge_manager:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 10\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:10\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/o:redhat:enterprise_linux:9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Cluster Manager CLI\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Container Platform 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift distributed tracing 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_distributed_tracing:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift for Windows Containers\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:windows_machine_config\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift on AWS\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_service_on_aws:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Virtualization 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:container_native_virtualization:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 16.2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:16.2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenStack Platform 18.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openstack:18.0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Quay 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quay:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Service Interconnect 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_interconnect:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager - Tech Preview\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"]},{\"vendor\":\"Red Hat\",\"product\":\"Ironic content for Red Hat OpenShift Container Platform 4.17\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_ironic:4.17::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Ironic content for Red Hat OpenShift Container Platform 4.18\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_ironic:4.18::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:logging:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"Power monitoring for Red Hat OpenShift\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_power_monitoring\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Zero Trust Workload Identity Manager\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-01-29T18:31:39.150633Z\",\"id\":\"CVE-2025-61726\",\"options\":[{\"exploitation\":\"none\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-770\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.24.12\",\"matchCriteriaId\":\"21FD9368-8AB3-404B-8599-BBF64EFE3C7B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.25.0\",\"versionEndExcluding\":\"1.25.6\",\"matchCriteriaId\":\"A547E844-78D2-4B17-B7A9-73E7B503D2CE\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/736712\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/77101\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2026-4341\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10096\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10104\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10184\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10225\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10250\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11408\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11414\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11747\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:11749\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12028\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12029\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12030\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12031\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12032\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12033\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12279\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:12282\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13542\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13548\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13571\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14100\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14774\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14868\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14879\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:15091\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:15984\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16102\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:16696\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17040\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17084\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17446\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17460\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17463\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17468\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17595\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17598\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18913\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19013\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19132\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19375\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19634\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:19712\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:20041\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21017\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21657\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:21691\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22450\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22627\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22714\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22937\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23228\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:23361\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:24977\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25089\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25127\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25248\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25250\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25251\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25252\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:25253\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26420\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26527\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26541\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:26636\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2681\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2706\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2708\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2709\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2754\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28047\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2844\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:28441\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2914\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:2920\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3035\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3040\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3089\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3092\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3184\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3186\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3187\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3188\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3192\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3193\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3291\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3296\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3297\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3298\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3336\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3337\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3340\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3341\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3343\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3391\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3416\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3427\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3459\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3468\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3469\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3470\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3471\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3472\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3473\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3489\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3506\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3556\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3559\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3668\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3669\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3699\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3713\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3752\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3753\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3782\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3812\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3813\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3814\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3815\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3816\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3817\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3818\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3820\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3821\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3822\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3831\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3833\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3835\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3836\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3838\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3839\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3840\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3841\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3843\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3854\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3855\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3856\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3864\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3869\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3874\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3875\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3879\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3880\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3884\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3898\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3905\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3906\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3928\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3929\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3930\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3931\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3932\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3958\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3959\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3960\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3970\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3971\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3972\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3973\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3974\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3977\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:3985\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4164\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4166\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4170\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4174\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4177\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4211\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4220\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4256\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4264\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4267\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4270\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4276\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4434\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4435\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4460\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4466\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4467\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4498\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4500\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4510\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4511\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4672\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4753\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4892\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4901\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4907\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4939\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4942\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4943\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:4952\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5022\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5030\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5031\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5076\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5077\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5078\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5079\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5110\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5129\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5130\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5131\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5132\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5145\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5146\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5168\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5327\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5394\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5439\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5444\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5447\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5452\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5461\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5463\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5533\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5544\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5549\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5636\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5645\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5649\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5665\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5807\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5851\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5852\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5853\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5948\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5950\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5952\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:5968\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6184\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6192\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6226\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6251\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6277\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6278\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6428\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6429\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6497\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6554\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6564\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6567\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:6568\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7052\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7249\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7291\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7385\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7676\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7854\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7942\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8151\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8167\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8218\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8229\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8337\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8338\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8431\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8433\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8483\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9097\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9098\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9108\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9109\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:9848\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2025-61726\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2434432\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-61726.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"golang: net/url: Memory exhaustion in query parameter parsing in net/url\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el10\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6 for RHEL 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:rhel_els:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux Server (v. 7 ELS)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.4 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.12::el8\", \"cpe:/a:redhat:openshift:4.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.13::el8\", \"cpe:/a:redhat:openshift:4.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.16::el8\", \"cpe:/a:redhat:openshift:4.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.17::el8\", \"cpe:/a:redhat:openshift:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.18::el8\", \"cpe:/a:redhat:openshift:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.4::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.4 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.5 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\", \"cpe:/a:redhat:ansible_automation_platform_developer:2.6::el9\", \"cpe:/a:redhat:ansible_automation_platform_inside:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4 on RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:17.1\", \"cpe:/a:redhat:openstack:17.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 17.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.19::el8\", \"cpe:/a:redhat:openshift:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.18::el9\", \"cpe:/a:redhat:satellite_capsule:6.18::el9\", \"cpe:/a:redhat:satellite_utils:6.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.18 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\", \"cpe:/o:redhat:enterprise_linux:10.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v. 8.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_aus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream AUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream TUS (v.8.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_tus:8.8::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream TUS (v.8.8)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.0::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_e4s:9.2::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream E4S (v.9.2)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::appstream\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AppStream (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux_eus:10.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10.1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.4::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.4)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhel_eus:9.6::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat CodeReady Linux Builder EUS (v.9.6)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux:9::crb\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cert Manager support for Red Hat OpenShift release 1.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler 2.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:devworkspace:0.40::el9\"], \"vendor\": \"Red Hat\", \"product\": \"DevWorkspace Operator 0.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"HawtIO HawtIO 4.3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"HawtIO HawtIO 4.4.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:6.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift 6.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.4.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.5.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_globalhub:1.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Global Hub 1.6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:network_observ_optr:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Network Observability (NETOBSERV) 1.11.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1.4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection 1.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1.5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection 1.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_compliance_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Compliance Operator 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:source_to_image:1.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Developer Tools and Services 1.6.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_file_integrity_operator:1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift File Integrity Operator - FIO 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.8::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:advanced_cluster_security:4.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Security for Kubernetes 4.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhdh:1.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Developer Hub 1.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:hummingbird:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Hardened Images\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lightspeed_for_runtimes:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Lightspeed (formerly Insights) for Runtimes 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.16::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.25::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.25\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:3.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 3.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_builds:1.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Builds 1.6.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4.20::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4.20\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.26::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.27\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1.17::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps 1.17\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1.18::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps 1.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_gitops:1.19::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift GitOps 1.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2.6::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Service Mesh 3.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3.9.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Services on OpenShift 18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_data_foundation:4.19::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Openshift Data Foundation 4.19\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.12::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.14::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.15::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.16::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.16\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.10::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3.9::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6.18\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:trusted_artifact_signer:1.3::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Trusted Artifact Signer 1.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhui:5::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Update Infrastructure 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.11::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.11\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.12::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.12\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.13::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.13\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.14::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:webterminal:1.15::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Web Terminal 1.15\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Streams for Apache Kafka 3.2.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1.0::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:mirror_registry:2.0::el8\"], \"vendor\": \"Red Hat\", \"product\": \"mirror registry for Red Hat OpenShift 2.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.10::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.6::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.7::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.8::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine:2.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"multicluster engine for Kubernetes 2.9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:assisted_installer:2\"], \"vendor\": \"Red Hat\", \"product\": \"Assisted Installer for Red Hat OpenShift Container Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cert_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"cert-manager Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:confidential_compute_attestation:1\"], \"vendor\": \"Red Hat\", \"product\": \"Confidential Compute Attestation\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_custom_metrics_autoscaler:2\"], \"vendor\": \"Red Hat\", \"product\": \"Custom Metric Autoscaler operator for Red Hat Openshift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:deployment_validator_operator\"], \"vendor\": \"Red Hat\", \"product\": \"Deployment Validation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:external_secrets_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"External Secrets Operator for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ext_dns_optr:1\"], \"vendor\": \"Red Hat\", \"product\": \"ExternalDNS Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_far:0\"], \"vendor\": \"Red Hat\", \"product\": \"Fence Agents Remediation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_file_integrity_operator:1\"], \"vendor\": \"Red Hat\", \"product\": \"File Integrity Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:gatekeeper:3\"], \"vendor\": \"Red Hat\", \"product\": \"Gatekeeper 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:lvms:4\"], \"vendor\": \"Red Hat\", \"product\": \"Logical Volume Manager Storage\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_mdr:0\"], \"vendor\": \"Red Hat\", \"product\": \"Machine Deletion Remediation Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:migration_toolkit_applications:8\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Applications 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:rhmt:1\"], \"vendor\": \"Red Hat\", \"product\": \"Migration Toolkit for Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:mirror_registry:1\"], \"vendor\": \"Red Hat\", \"product\": \"mirror registry for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multiarch_tuning_operator\"], \"vendor\": \"Red Hat\", \"product\": \"Multiarch Tuning Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:multicluster_engine\"], \"vendor\": \"Red Hat\", \"product\": \"Multicluster Engine for Kubernetes\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_nhc:0\"], \"vendor\": \"Red Hat\", \"product\": \"Node HealthCheck Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:workload_availability_nmo:5\"], \"vendor\": \"Red Hat\", \"product\": \"Node Maintenance Operator\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_api_data_protection:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift API for Data Protection\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ocp_tools\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Developer Tools and Services\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_lightspeed\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Lightspeed\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_pipelines:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Pipelines\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:2\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_mesh:3\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Service Mesh 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_3scale_amp:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat 3scale API Management Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:acm:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Advanced Cluster Management for Kubernetes 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_clients:2023\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Clients\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ansible_automation_platform:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ansible Automation Platform 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:5\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:ceph_storage:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Ceph Storage 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:certifications:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Certification Program for Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:connectivity_link:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Connectivity Link 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:edge_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Edge Manager 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:10\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 10\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/o:redhat:enterprise_linux:9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_cluster_manager_cli:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Cluster Manager CLI\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Container Platform 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_distributed_tracing:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift distributed tracing 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:windows_machine_config\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift for Windows Containers\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_service_on_aws:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift on AWS\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:container_native_virtualization:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Virtualization 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:16.2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 16.2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openstack:18.0\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenStack Platform 18.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quay:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Quay 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:1\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_interconnect:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Service Interconnect 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:0\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager - Tech Preview\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ironic:4.17::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ironic content for Red Hat OpenShift Container Platform 4.17\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ironic:4.18::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Ironic content for Red Hat OpenShift Container Platform 4.18\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:5\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_power_monitoring\"], \"vendor\": \"Red Hat\", \"product\": \"Power monitoring for Red Hat OpenShift\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:zero_trust_workload_identity_manager:1\"], \"vendor\": \"Red Hat\", \"product\": \"Zero Trust Workload Identity Manager\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-01-28T20:01:42.791Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-01-28T19:30:31.215Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:3958: Red Hat Ansible Automation Platform 2.6 for RHEL 10, Red Hat Ansible Automation Platform 2.6 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7676: Red Hat Enterprise Linux Server (v. 7 ELS)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4460: Red Hat Ansible Automation Platform 2.4 for RHEL 8, Red Hat Ansible Automation Platform 2.4 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3959: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6278: Red Hat Ansible Automation Platform 2.5 for RHEL 8, Red Hat Ansible Automation Platform 2.5 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26527: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26541: Red Hat OpenShift Container Platform 4.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10096: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3416: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17595: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3875: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17446: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6277: Red Hat Ansible Automation Platform 2.6 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3186: Cryostat 4 on RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28047: Red Hat OpenStack Platform 17.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3391: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5968: Red Hat Satellite 6.18 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14868: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3843: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4166: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3813: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3192: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3977: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3831: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3816: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17084: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4256: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5852: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17040: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4907: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3970: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16696: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3506: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3699: Red Hat Enterprise Linux AppStream EUS (v. 10.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3297: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3864: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4164: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3669: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2706: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2914: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3035: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3840: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3092: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4174: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3752: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3336: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4892: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3971: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3343: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5146: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5145: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19013: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22937: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22450: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19132: Red Hat Enterprise Linux AppStream (v. 10)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4672: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2708: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3985: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3188: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3187: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3898: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4952: Red Hat Enterprise Linux AppStream (v. 8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3468: Red Hat Enterprise Linux AppStream AUS (v. 8.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3841: Red Hat Enterprise Linux AppStream AUS (v. 8.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3470: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3973: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3879: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3815: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5461: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5030: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19634: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3489: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3972: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3880: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3812: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5853: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5031: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream E4S (v.8.6), Red Hat Enterprise Linux AppStream TUS (v.8.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3471: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3974: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3838: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3821: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4753: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5022: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:16102: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3932: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3473: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3854: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3822: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5533: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5079: Red Hat Enterprise Linux AppStream E4S (v.9.0)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25252: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25251: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3931: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3472: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3836: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3820: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5327: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25248: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5076: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25253: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25250: Red Hat Enterprise Linux AppStream E4S (v.9.2)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12030: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12032: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3930: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3469: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3835: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3818: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12033: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4267: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4211: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12028: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5078: Red Hat CodeReady Linux Builder EUS (v.9.4), Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12031: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12029: Red Hat Enterprise Linux AppStream EUS (v.9.4)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11749: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9109: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3929: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3814: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3193: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3833: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3817: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9108: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4264: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5544: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7854: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5077: Red Hat CodeReady Linux Builder EUS (v.9.6), Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9097: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9098: Red Hat Enterprise Linux AppStream EUS (v.9.6)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3298: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3341: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3928: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3668: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2709: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2920: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3040: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3839: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4177: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3753: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3337: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4901: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3291: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3340: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:18913: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23228: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22714: Red Hat Enterprise Linux AppStream (v. 9)\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5645: Cert Manager support for Red Hat OpenShift release 1.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26636: Custom Metric Autoscaler 2.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5851: DevWorkspace Operator 0.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7942: HawtIO HawtIO 4.3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25089: HawtIO HawtIO 4.4.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7052: Logging Subsystem for Red Hat OpenShift 6.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4500: Logging Subsystem for Red Hat OpenShift 6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4939: Logging Subsystem for Red Hat OpenShift 6.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4498: Logging Subsystem for Red Hat OpenShift 6.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6429: Multicluster Global Hub 1.4.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5110: Multicluster Global Hub 1.5.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6226: Multicluster Global Hub 1.6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6428: Network Observability (NETOBSERV) 1.11.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6251: OpenShift API for Data Protection 1.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4170: OpenShift API for Data Protection 1.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8433: OpenShift Compliance Operator 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4270: OpenShift Developer Tools and Services 1.6.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22627: OpenShift File Integrity Operator - FIO 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8229: Red Hat Advanced Cluster Management for Kubernetes 2.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:25127: Red Hat Advanced Cluster Management for Kubernetes 2.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13548: Red Hat Advanced Cluster Management for Kubernetes 2.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8151: Red Hat Advanced Cluster Management for Kubernetes 2.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11408: Red Hat Advanced Cluster Management for Kubernetes 2.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4466: Red Hat Advanced Cluster Security for Kubernetes 4.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4467: Red Hat Advanced Cluster Security for Kubernetes 4.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3960: Red Hat Ansible Automation Platform 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3089: Red Hat Developer Hub 1.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7385: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7291: Red Hat Hardened Images\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4220: Red Hat Lightspeed (formerly Insights) for Runtimes 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5807: Red Hat OpenShift AI 2.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3782: Red Hat OpenShift AI 2.25\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10184: Red Hat OpenShift AI 2.25\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:24977: Red Hat OpenShift AI 2.25\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19712: Red Hat OpenShift AI 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3713: Red Hat OpenShift AI 3.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5549: Red Hat OpenShift Builds 1.6.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12282: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14100: Red Hat OpenShift Container Platform 4.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21691: Red Hat OpenShift Container Platform 4.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:15091: Red Hat OpenShift Container Platform 4.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14774: Red Hat OpenShift Container Platform 4.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10104: Red Hat OpenShift Container Platform 4.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4510: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4511: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17598: Red Hat OpenShift Container Platform 4.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3905: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3906: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6554: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21657: Red Hat OpenShift Container Platform 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4434: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7249: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4435: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:20041: Red Hat OpenShift Container Platform 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3855: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3856: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8431: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17468: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6564: Red Hat OpenShift Container Platform 4.20\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2844: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6192: Red Hat OpenShift Dev Spaces 3.27\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3869: Red Hat OpenShift GitOps 1.17\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3874: Red Hat OpenShift GitOps 1.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3884: Red Hat OpenShift GitOps 1.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3559: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8483: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5132: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3556: Red Hat OpenShift Service Mesh 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5948: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5129: Red Hat OpenShift Service Mesh 3.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5950: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5131: Red Hat OpenShift Service Mesh 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5952: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5130: Red Hat OpenShift Service Mesh 3.2\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3427: Red Hat OpenShift distributed tracing 3.9.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3459: Red Hat OpenShift distributed tracing 3.9.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5394: Red Hat OpenStack Platform 17.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11747: Red Hat OpenStack Services on OpenShift 18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:26420: Red Hat Openshift Data Foundation 4.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6184: Red Hat Openshift Data Foundation 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:12279: Red Hat Openshift Data Foundation 4.19\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4942: Red Hat Quay 3.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:21017: Red Hat Quay 3.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6568: Red Hat Quay 3.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6497: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:19375: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2681: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:6567: Red Hat Quay 3.16\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5665: Red Hat Quay 3.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:23361: Red Hat Quay 3.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5168: Red Hat Quay 3.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:2754: Red Hat Quay 3.9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:15984: Red Hat Satellite 6.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14879: Red Hat Satellite 6.18\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5447: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5452: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5439: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4276: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3296: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:3184: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5444: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5649: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5463: Red Hat Trusted Artifact Signer 1.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:4943: Red Hat Update Infrastructure 5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10250: Red Hat Web Terminal 1.11\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10225: Red Hat Web Terminal 1.12\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8338: Red Hat Web Terminal 1.13\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8337: Red Hat Web Terminal 1.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8167: Red Hat Web Terminal 1.15\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13571: Streams for Apache Kafka 3.2.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17460: Zero Trust Workload Identity Manager 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17463: Zero Trust Workload Identity Manager 1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:28441: mirror registry for Red Hat OpenShift 2.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13542: multicluster engine for Kubernetes 2.10\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:9848: multicluster engine for Kubernetes 2.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:5636: multicluster engine for Kubernetes 2.7\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8218: multicluster engine for Kubernetes 2.8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:11414: multicluster engine for Kubernetes 2.9\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-01-28T19:30:31.215Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2025-61726\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2434432\", \"name\": \"RHBZ#2434432\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2025/cve-2025-61726.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3958\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7676\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4460\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3959\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6278\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26527\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26541\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10096\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3416\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17595\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3875\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17446\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6277\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3186\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28047\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3391\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5968\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14868\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3843\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4166\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3813\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3192\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3977\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3831\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3816\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17084\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4256\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5852\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17040\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4907\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3970\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16696\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3506\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3699\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3297\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3864\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4164\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3669\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2706\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2914\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3035\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3840\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3092\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4174\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3752\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3336\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4892\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3971\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3343\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5146\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5145\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19013\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22937\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22450\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19132\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4672\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2708\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3985\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3188\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3187\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3898\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4952\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3468\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3841\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3470\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3973\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3879\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3815\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5461\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5030\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19634\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3489\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3972\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3880\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3812\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5853\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5031\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3471\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3974\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3838\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3821\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4753\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5022\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:16102\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3932\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3473\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3854\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3822\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5533\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5079\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25252\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25251\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3931\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3472\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3836\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3820\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5327\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25248\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5076\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25253\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25250\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12030\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12032\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3930\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3469\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3835\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3818\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12033\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4267\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4211\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12028\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5078\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12031\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12029\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11749\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9109\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3929\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3814\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3193\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3833\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3817\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9108\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4264\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5544\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7854\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5077\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9097\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9098\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3298\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3341\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3928\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3668\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2709\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2920\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3040\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3839\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4177\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3753\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4901\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3291\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3340\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:18913\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23228\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22714\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5645\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26636\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5851\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7942\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25089\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7052\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4500\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4939\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4498\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6429\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5110\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6226\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6428\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6251\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4170\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8433\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4270\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22627\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8229\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:25127\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13548\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8151\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11408\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4466\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4467\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3960\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3089\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7385\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7291\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4220\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5807\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3782\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10184\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:24977\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19712\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3713\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5549\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12282\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14100\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21691\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:15091\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14774\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10104\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4510\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4511\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17598\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3905\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3906\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6554\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21657\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4434\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7249\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4435\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:20041\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3855\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3856\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8431\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17468\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6564\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2844\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6192\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3869\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3874\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3884\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3559\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8483\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5132\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3556\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5948\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5129\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5950\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5131\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5952\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5130\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3427\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3459\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5394\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11747\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:26420\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6184\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:12279\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4942\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:21017\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6568\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6497\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:19375\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2681\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:6567\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5665\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:23361\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5168\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:2754\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:15984\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14879\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5447\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5452\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5439\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4276\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3296\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:3184\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5444\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5649\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5463\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:4943\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10250\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10225\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8338\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8337\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8167\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13571\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17460\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17463\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:28441\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13542\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:9848\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:5636\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8218\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:11414\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-770\", \"description\": \"Allocation of Resources Without Limits or Throttling\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-06-30T12:06:15.501Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-61726\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-29T18:31:39.150633Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-01-29T18:31:55.540Z\"}}], \"cna\": {\"title\": \"Memory exhaustion in query parameter parsing in net/url\", \"credits\": [{\"lang\": \"en\", \"value\": \"jub0bs\"}], \"affected\": [{\"vendor\": \"Go standard library\", \"product\": \"net/url\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.24.12\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.25.0\", \"lessThan\": \"1.25.6\", \"versionType\": \"semver\"}], \"packageName\": \"net/url\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\", \"programRoutines\": [{\"name\": \"parseQuery\"}, {\"name\": \"ParseQuery\"}, {\"name\": \"URL.Query\"}]}], \"references\": [{\"url\": \"https://go.dev/cl/736712\"}, {\"url\": \"https://go.dev/issue/77101\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2026-4341\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"The net/url package does not set a limit on the number of query parameters in a query. While the maximum size of query parameters in URLs is generally limited by the maximum request header size, the net/http.Request.ParseForm method can parse large URL-encoded forms. Parsing a large form containing many unique query parameters can cause excessive memory consumption.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-400: Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2026-01-28T19:30:31.215Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-61726\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-30T12:06:15.501Z\", \"dateReserved\": \"2025-09-30T15:05:03.605Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2026-01-28T19:30:31.215Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
RHSA-2026:26527
Vulnerability from csaf_redhat - Published: 2026-06-25 09:03 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: OpenShift Container Platform 4.12.92 packages and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.12.92 is now available with
updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container
Platform 4.12.
Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container
Platform 4.12.92. See the following advisory for the container images for
this release:
https://access.redhat.com/errata/RHSA-2026:26529
Security Fix(es):
* containernetworking-plugins and skopeo: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* containernetworking-plugins and skopeo: Denial of service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* containernetworking-plugins and skopeo: Unexpected session resumption in crypto/tls (CVE-2025-68121)
* containernetworking-plugins and skopeo: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* skopeo: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
All OpenShift Container Platform 4.12 users are advised to upgrade to these
updated packages and images when they are available in the appropriate
release channel. To check for available updates, use the OpenShift CLI (oc)
or web console. Instructions for upgrading a cluster are available at
https://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Affected products
Fixed
34 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
176 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
47 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
163 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
47 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
163 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
47 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
|
Known not affected
163 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — | ||
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Threats
Impact
Moderate
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
47 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
163 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 | — |
Workaround
|
Threats
Impact
Important
References
48 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.12.92 is now available with\nupdates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container\nPlatform 4.12.\n\nRed Hat Product Security has rated this update as having a security impact\nof Low. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container\nPlatform 4.12.92. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHSA-2026:26529\n\nSecurity Fix(es):\n* containernetworking-plugins and skopeo: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n* containernetworking-plugins and skopeo: Denial of service due to excessive resource consumption via crafted certificate (CVE-2025-61729)\n* containernetworking-plugins and skopeo: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n* containernetworking-plugins and skopeo: Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n* skopeo: Unbounded allocation when parsing GNU sparse map (CVE-2025-58183)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.\n\nAll OpenShift Container Platform 4.12 users are advised to upgrade to these\nupdated packages and images when they are available in the appropriate\nrelease channel. To check for available updates, use the OpenShift CLI (oc)\nor web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html-single/updating_clusters/index#updating-cluster-within-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26527",
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26527.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.12.92 packages and security update",
"tracking": {
"current_release_date": "2026-06-30T15:49:27+00:00",
"generator": {
"date": "2026-06-30T15:49:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26527",
"initial_release_date": "2026-06-25T09:03:50+00:00",
"revision_history": [
{
"date": "2026-06-25T09:03:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-25T09:03:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el9"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.12",
"product": {
"name": "Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.12::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"product": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"product_id": "skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-9.rhaos4.12.el9?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"product": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"product_id": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-6.rhaos4.12.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.196.1.el8_6.src",
"product": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.src",
"product_id": "kernel-0:4.18.0-372.196.1.el8_6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.196.1.el8_6?arch=src"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-11.rhaos4.12.el8.src",
"product": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.src",
"product_id": "podman-3:4.4.1-11.rhaos4.12.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-11.rhaos4.12.el8?arch=src\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"product": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"product_id": "skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-8.rhaos4.12.el8?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_id": "skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-9.rhaos4.12.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_id": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-9.rhaos4.12.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_id": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-9.rhaos4.12.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_id": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-9.rhaos4.12.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product_id": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-6.rhaos4.12.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-6.rhaos4.12.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-6.rhaos4.12.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "perf-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "perf-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-x86_64@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.196.1.el8_6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_id": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-11.rhaos4.12.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_id": "skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-8.rhaos4.12.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_id": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-8.rhaos4.12.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_id": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-8.rhaos4.12.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_id": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-8.rhaos4.12.el8?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_id": "skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-9.rhaos4.12.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_id": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-9.rhaos4.12.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_id": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-9.rhaos4.12.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_id": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-9.rhaos4.12.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product_id": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-6.rhaos4.12.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-6.rhaos4.12.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-6.rhaos4.12.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "perf-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "perf-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-aarch64@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.196.1.el8_6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_id": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-11.rhaos4.12.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_id": "skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-8.rhaos4.12.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_id": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-8.rhaos4.12.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_id": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-8.rhaos4.12.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_id": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-8.rhaos4.12.el8?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_id": "skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-9.rhaos4.12.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_id": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-9.rhaos4.12.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_id": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-9.rhaos4.12.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_id": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-9.rhaos4.12.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product_id": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-6.rhaos4.12.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-6.rhaos4.12.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-6.rhaos4.12.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-ipaclones-internal@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-libs-devel@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-ppc64le@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.196.1.el8_6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_id": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-11.rhaos4.12.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_id": "skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-8.rhaos4.12.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_id": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-8.rhaos4.12.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_id": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-8.rhaos4.12.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_id": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-8.rhaos4.12.el8?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"product": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_id": "skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-9.rhaos4.12.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"product": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_id": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-9.rhaos4.12.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"product": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_id": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-9.rhaos4.12.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_id": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-9.rhaos4.12.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"product": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"product_id": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-6.rhaos4.12.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-6.rhaos4.12.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-6.rhaos4.12.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-core@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-core@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-devel@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-extra@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-modules-internal@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-devel@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-extra@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-modules-internal@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-selftests-internal@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-core@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-devel@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-extra@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-modules-internal@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "perf-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "perf-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/bpftool-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debug-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-debuginfo-common-s390x@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-tools-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-zfcpdump-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/perf-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_id": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-perf-debuginfo@4.18.0-372.196.1.el8_6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_id": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-11.rhaos4.12.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"product": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_id": "skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.9.4-8.rhaos4.12.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"product": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_id": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.9.4-8.rhaos4.12.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"product": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_id": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.9.4-8.rhaos4.12.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_id": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.9.4-8.rhaos4.12.el8?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"product": {
"name": "kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"product_id": "kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/kernel-doc@4.18.0-372.196.1.el8_6?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"product": {
"name": "podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"product_id": "podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@4.4.1-11.rhaos4.12.el8?arch=noarch\u0026epoch=3"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64"
},
"product_reference": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x"
},
"product_reference": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src"
},
"product_reference": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64"
},
"product_reference": "containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src"
},
"product_reference": "kernel-0:4.18.0-372.196.1.el8_6.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-core-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-doc-0:4.18.0-372.196.1.el8_6.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch"
},
"product_reference": "kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "perf-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "perf-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "perf-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src"
},
"product_reference": "podman-3:4.4.1-11.rhaos4.12.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch"
},
"product_reference": "podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64"
},
"product_reference": "podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le"
},
"product_reference": "podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x"
},
"product_reference": "podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64"
},
"product_reference": "podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
},
"product_reference": "python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64"
},
"product_reference": "skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le"
},
"product_reference": "skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x"
},
"product_reference": "skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src"
},
"product_reference": "skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64"
},
"product_reference": "skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x"
},
"product_reference": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64"
},
"product_reference": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le"
},
"product_reference": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x"
},
"product_reference": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64"
},
"product_reference": "skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64"
},
"product_reference": "skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le"
},
"product_reference": "skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x"
},
"product_reference": "skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.src as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src"
},
"product_reference": "skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64"
},
"product_reference": "skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x"
},
"product_reference": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64"
},
"product_reference": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le"
},
"product_reference": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x"
},
"product_reference": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.12"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.12",
"product_id": "9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
},
"product_reference": "skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.12"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T09:03:50+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T09:03:50+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T09:03:50+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T09:03:50+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T09:03:50+00:00",
"details": "For OpenShift Container Platform 4.12 see the following documentation,\nwhich will be updated shortly for this release, for important instructions\non how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.12/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26527"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:bpftool-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:containernetworking-plugins-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debuginfo-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:containernetworking-plugins-debugsource-1:1.4.0-6.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.src",
"8Base-RHOSE-4.12:kernel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-core-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debug-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-aarch64-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-debuginfo-common-ppc64le-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-debuginfo-common-s390x-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-debuginfo-common-x86_64-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-doc-0:4.18.0-372.196.1.el8_6.noarch",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-ipaclones-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-extra-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-modules-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-selftests-internal-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-tools-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:kernel-tools-libs-devel-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:kernel-zfcpdump-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-core-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-devel-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-extra-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:kernel-zfcpdump-modules-internal-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:podman-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-catatonit-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-debugsource-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-docker-3:4.4.1-11.rhaos4.12.el8.noarch",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-gvproxy-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-plugins-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-remote-debuginfo-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:podman-tests-3:4.4.1-11.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.aarch64",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.ppc64le",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.s390x",
"8Base-RHOSE-4.12:python3-perf-debuginfo-0:4.18.0-372.196.1.el8_6.x86_64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.src",
"8Base-RHOSE-4.12:skopeo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-8.rhaos4.12.el8.x86_64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.aarch64",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.ppc64le",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.s390x",
"8Base-RHOSE-4.12:skopeo-tests-2:1.9.4-8.rhaos4.12.el8.x86_64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.src",
"9Base-RHOSE-4.12:skopeo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debuginfo-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-debugsource-2:1.9.4-9.rhaos4.12.el9.x86_64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.aarch64",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.ppc64le",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.s390x",
"9Base-RHOSE-4.12:skopeo-tests-2:1.9.4-9.rhaos4.12.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:26541
Vulnerability from csaf_redhat - Published: 2026-06-25 11:00 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: OpenShift Container Platform 4.13.68 packages and security update
Severity
Important
Notes
Topic: Red Hat OpenShift Container Platform release 4.13.68 is now available with updates to packages and images that fix several bugs and add enhancements.
This release includes a security update for Red Hat OpenShift Container Platform 4.13.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.68. See the following advisory for the container images for this release:
https://access.redhat.com/errata/RHSA-2026:26543
Security Fix(es):
None
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
All OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at
https://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.
7.5 (High)
Affected products
Fixed
118 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
131 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
92 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
39 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
131 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
131 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
131 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
References
56 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.13.68 is now available with updates to packages and images that fix several bugs and add enhancements.\n\nThis release includes a security update for Red Hat OpenShift Container Platform 4.13.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nThis advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.13.68. See the following advisory for the container images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2026:26543\n\nSecurity Fix(es):\n\nNone\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAll OpenShift Container Platform 4.13 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift CLI (oc) or web console. Instructions for upgrading a cluster are available at\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html-single/updating_clusters/index#updating-cluster-within-minor.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26541",
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26541.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.13.68 packages and security update",
"tracking": {
"current_release_date": "2026-06-30T15:49:27+00:00",
"generator": {
"date": "2026-06-30T15:49:27+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26541",
"initial_release_date": "2026-06-25T11:00:00+00:00",
"revision_history": [
{
"date": "2026-06-25T11:00:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-25T11:00:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:27+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.13",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.13::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.13",
"product": {
"name": "Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.13::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"product": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"product_id": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-7.rhaos4.13.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-19.rhaos4.13.el8.src",
"product": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.src",
"product_id": "podman-3:4.4.1-19.rhaos4.13.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-19.rhaos4.13.el8?arch=src\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el8?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-20.rhaos4.13.el9.src",
"product": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.src",
"product_id": "podman-3:4.4.1-20.rhaos4.13.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-20.rhaos4.13.el9?arch=src\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el9?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product_id": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-7.rhaos4.13.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-7.rhaos4.13.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-7.rhaos4.13.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_id": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-19.rhaos4.13.el8?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_id": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-20.rhaos4.13.el9?arch=x86_64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_id": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.11.3-6.rhaos4.13.el9?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_id": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.11.3-6.rhaos4.13.el9?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product_id": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-7.rhaos4.13.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-7.rhaos4.13.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-7.rhaos4.13.el8?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_id": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-19.rhaos4.13.el8?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_id": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-20.rhaos4.13.el9?arch=aarch64\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_id": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.11.3-6.rhaos4.13.el9?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_id": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.11.3-6.rhaos4.13.el9?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product_id": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-7.rhaos4.13.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-7.rhaos4.13.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-7.rhaos4.13.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_id": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-19.rhaos4.13.el8?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_id": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-20.rhaos4.13.el9?arch=ppc64le\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_id": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.11.3-6.rhaos4.13.el9?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_id": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.11.3-6.rhaos4.13.el9?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"product": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"product_id": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@1.4.0-7.rhaos4.13.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"product": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"product_id": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@1.4.0-7.rhaos4.13.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"product_id": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@1.4.0-7.rhaos4.13.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_id": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-19.rhaos4.13.el8?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-gvproxy-debuginfo@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_id": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@4.4.1-20.rhaos4.13.el9?arch=s390x\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"product": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_id": "skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.11.3-6.rhaos4.13.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"product": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_id": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.11.3-6.rhaos4.13.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"product": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_id": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.11.3-6.rhaos4.13.el9?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"product": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_id": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.11.3-6.rhaos4.13.el9?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"product": {
"name": "podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"product_id": "podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@4.4.1-19.rhaos4.13.el8?arch=noarch\u0026epoch=3"
}
}
},
{
"category": "product_version",
"name": "podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"product": {
"name": "podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"product_id": "podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@4.4.1-20.rhaos4.13.el9?arch=noarch\u0026epoch=3"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64"
},
"product_reference": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x"
},
"product_reference": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src"
},
"product_reference": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64"
},
"product_reference": "containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64"
},
"product_reference": "containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src"
},
"product_reference": "podman-3:4.4.1-19.rhaos4.13.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch"
},
"product_reference": "podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64"
},
"product_reference": "podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le"
},
"product_reference": "podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x"
},
"product_reference": "podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64"
},
"product_reference": "podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src"
},
"product_reference": "podman-3:4.4.1-20.rhaos4.13.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch"
},
"product_reference": "podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64"
},
"product_reference": "podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le"
},
"product_reference": "podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x"
},
"product_reference": "podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64"
},
"product_reference": "podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.src as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64"
},
"product_reference": "skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64"
},
"product_reference": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le"
},
"product_reference": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x"
},
"product_reference": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64"
},
"product_reference": "skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64"
},
"product_reference": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le"
},
"product_reference": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x"
},
"product_reference": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64"
},
"product_reference": "skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"relates_to_product_reference": "9Base-RHOSE-4.13"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64 as a component of Red Hat OpenShift Container Platform 4.13",
"product_id": "9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
},
"product_reference": "skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64",
"relates_to_product_reference": "9Base-RHOSE-4.13"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-58183",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-10-29T23:01:50.573951+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2407258"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/tar package in the Go standard library. tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A specially crafted tar archive with a pax header indicating a big number of sparse regions can cause a Go program to try to allocate a large amount of memory, causing an out-of-memory condition and resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs to be able to process a specially crafted GNU tar pax 1.0 archive with the application using the archive/tar package. Additionally, this issue can cause the Go application to allocate a large amount of memory, eventually leading to an out-of-memory condition and resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58183"
},
{
"category": "external",
"summary": "RHBZ#2407258",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2407258"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58183",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58183"
},
{
"category": "external",
"summary": "https://go.dev/cl/709861",
"url": "https://go.dev/cl/709861"
},
{
"category": "external",
"summary": "https://go.dev/issue/75677",
"url": "https://go.dev/issue/75677"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI",
"url": "https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4014",
"url": "https://pkg.go.dev/vuln/GO-2025-4014"
}
],
"release_date": "2025-10-29T22:10:14.376000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T11:00:00+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/tar: Unbounded allocation when parsing GNU sparse map"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T11:00:00+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T11:00:00+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T11:00:00+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T11:00:00+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-25T11:00:00+00:00",
"details": "For OpenShift Container Platform 4.13 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.redhat.com/en/documentation/openshift_container_platform/4.13/html/release_notes",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26541"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:containernetworking-plugins-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debuginfo-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:containernetworking-plugins-debugsource-1:1.4.0-7.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:podman-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-catatonit-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-debugsource-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-docker-3:4.4.1-19.rhaos4.13.el8.noarch",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:podman-tests-3:4.4.1-19.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.src",
"8Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el8.x86_64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.aarch64",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.ppc64le",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.s390x",
"8Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el8.x86_64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:podman-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-debugsource-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-docker-3:4.4.1-20.rhaos4.13.el9.noarch",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-gvproxy-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-plugins-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-remote-debuginfo-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:podman-tests-3:4.4.1-20.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.src",
"9Base-RHOSE-4.13:skopeo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debuginfo-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-debugsource-2:1.11.3-6.rhaos4.13.el9.x86_64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.aarch64",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.ppc64le",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.s390x",
"9Base-RHOSE-4.13:skopeo-tests-2:1.11.3-6.rhaos4.13.el9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
}
]
}
RHSA-2026:26636
Vulnerability from csaf_redhat - Published: 2026-06-17 15:22 - Updated: 2026-06-30 17:10Summary
Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.19.0-1 Update
Severity
Important
Notes
Topic: Custom Metrics Autoscaler Operator for Red Hat OpenShift updates.
The following updates for the Custom Metric Autoscaler operator for Red Hat
OpenShift are now available:
* custom-metrics-autoscaler-adapter-container
* custom-metrics-autoscaler-admission-webhooks-container
* custom-metrics-autoscaler-container
* custom-metrics-autoscaler-operator-bundle-container
* custom-metrics-autoscaler-operator-container
* custom-metrics-autoscaler-http-add-on-interceptor-container
* custom-metrics-autoscaler-http-add-on-operator-container
* custom-metrics-autoscaler-http-add-on-scaler-container
Details: The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional operator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows workloads to be scaled using additional metrics sources other than pod metrics.
This release is based upon KEDA 2.19.0
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Threats
Impact
Moderate
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Threats
Impact
Important
A flaw was found in Go's `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.
5.9 (Medium)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
|
Known not affected
25 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — | ||
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Threats
Impact
Important
A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.
8.3 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.
8.3 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x | — |
Workaround
|
|
| Unresolved product id: Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 | — |
Workaround
|
Threats
Impact
Important
References
99 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Custom Metrics Autoscaler Operator for Red Hat OpenShift updates.\n\nThe following updates for the Custom Metric Autoscaler operator for Red Hat\nOpenShift are now available:\n\n* custom-metrics-autoscaler-adapter-container\n* custom-metrics-autoscaler-admission-webhooks-container\n* custom-metrics-autoscaler-container\n* custom-metrics-autoscaler-operator-bundle-container\n* custom-metrics-autoscaler-operator-container\n* custom-metrics-autoscaler-http-add-on-interceptor-container\n* custom-metrics-autoscaler-http-add-on-operator-container\n* custom-metrics-autoscaler-http-add-on-scaler-container",
"title": "Topic"
},
{
"category": "general",
"text": "The Custom Metrics Autoscaler Operator for Red Hat OpenShift is an optional operator, based on the Kubernetes Event Driven Autoscaler (KEDA), which allows workloads to be scaled using additional metrics sources other than pod metrics.\nThis release is based upon KEDA 2.19.0",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:26636",
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61728",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-68121",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-25679",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32280",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32281",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32282",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-32283",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33815",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-33816",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-34986",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_26636.json"
}
],
"title": "Red Hat Security Advisory: Custom Metrics Autoscaler Operator for Red Hat OpenShift 2.19.0-1 Update",
"tracking": {
"current_release_date": "2026-06-30T17:10:56+00:00",
"generator": {
"date": "2026-06-30T17:10:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:26636",
"initial_release_date": "2026-06-17T15:22:46+00:00",
"revision_history": [
{
"date": "2026-06-17T15:22:46+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-17T15:22:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T17:10:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Custom Metric Autoscaler 2.19",
"product": {
"name": "Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2.19::el9"
}
}
}
],
"category": "product_family",
"name": "Custom Metric Autoscaler"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-operator-bundle@sha256%3A6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle\u0026tag=1780104005"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3A46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3A8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3A203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3Acfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3A2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8?arch=amd64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3A76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3Ab8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3A5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3A54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3A0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376?arch=arm64\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3A1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3A9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3Aafea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3A0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3Afef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9?arch=ppc64le\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9-operator@sha256%3A53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator\u0026tag=1779953535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256%3Aa52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9\u0026tag=1780088012"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256%3A1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9\u0026tag=1780088020"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256%3A71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9\u0026tag=1780088006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-adapter-rhel9@sha256%3Afa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9\u0026tag=1780101236"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-rhel9@sha256%3Ab875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9\u0026tag=1780101239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"product": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"product_id": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256%3Acff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7?arch=s390x\u0026repository_url=registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9\u0026tag=1780101226"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64 as a component of Custom Metric Autoscaler 2.19",
"product_id": "Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
},
"product_reference": "registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64",
"relates_to_product_reference": "Custom Metric Autoscaler 2.19"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32281",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2026-04-08T02:01:00.930989+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456333"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s `crypto/x509` package. A remote attacker could exploit this by presenting a specially crafted certificate chain containing a large number of policy mappings. This inefficient validation process consumes excessive resources, which can lead to a denial of service (DoS) for applications or systems performing certificate validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw occurs during the validation of otherwise trusted certificate chains that contain a large number of policy mappings, leading to excessive resource consumption. Exploitation requires an attacker to present a specially crafted, yet trusted, certificate chain which would require the attacker has already compromised a trusted certificate root. Red Hat continuously monitors certificate authorities and curates the set which is trusted by default for Red Hat products.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32281"
},
{
"category": "external",
"summary": "RHBZ#2456333",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456333"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32281"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32281"
},
{
"category": "external",
"summary": "https://go.dev/cl/758061",
"url": "https://go.dev/cl/758061"
},
{
"category": "external",
"summary": "https://go.dev/issue/78281",
"url": "https://go.dev/issue/78281"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4946",
"url": "https://pkg.go.dev/vuln/GO-2026-4946"
}
],
"release_date": "2026-04-08T01:06:58.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Denial of Service via inefficient certificate chain validation"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33815",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:25.130006+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455975"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx. This memory-safety vulnerability could potentially lead to unexpected behavior or system instability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33815"
},
{
"category": "external",
"summary": "RHBZ#2455975",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455975"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33815",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33815"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33815"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4771",
"url": "https://pkg.go.dev/vuln/GO-2026-4771"
}
],
"release_date": "2026-04-07T15:19:24.344000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-33816",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"discovery_date": "2026-04-07T16:01:14.142946+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455972"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in github.com/jackc/pgx, a PostgreSQL driver for Go. This memory-safety vulnerability could allow an attacker to cause various impacts, such as denial of service (DoS) or potentially arbitrary code execution, by exploiting memory corruption issues. The exact method of exploitation and specific consequences would depend on the nature of the memory corruption.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33816"
},
{
"category": "external",
"summary": "RHBZ#2455972",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455972"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33816",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33816"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4772",
"url": "https://pkg.go.dev/vuln/GO-2026-4772"
}
],
"release_date": "2026-04-07T15:19:24.529000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/jackc/pgx/v5: github.com/jackc/pgx: Memory-safety vulnerability"
},
{
"cve": "CVE-2026-34986",
"cwe": {
"id": "CWE-131",
"name": "Incorrect Calculation of Buffer Size"
},
"discovery_date": "2026-04-06T17:01:34.639203+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2455470"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go JOSE, a library for handling JSON Web Encryption (JWE) objects. A remote attacker could exploit this vulnerability by providing a specially crafted JWE object. When decrypting such an object, if a key wrapping algorithm is specified but the encrypted key field is empty, the application can crash. This leads to a denial of service (DoS), making the affected service unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"known_not_affected": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-34986"
},
{
"category": "external",
"summary": "RHBZ#2455470",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2455470"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-34986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-34986"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-34986"
},
{
"category": "external",
"summary": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8",
"url": "https://github.com/go-jose/go-jose/security/advisories/GHSA-78h2-9frx-2jm8"
},
{
"category": "external",
"summary": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants",
"url": "https://pkg.go.dev/github.com/go-jose/go-jose/v4#pkg-constants"
}
],
"release_date": "2026-04-06T16:22:45.353000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-17T15:22:46+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:26636"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:203e064cac29d057717448aea2282faeedf01001c53b613513a2a7c2bc1dc821_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:5f4d6fed84be863e1962eda68910d84a8501fffd8a04fe4506666a0e82fd5ed1_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:afea6445ec7abb46fe47cd62ac037803889fc45d1fff068d444f2f0ea977795f_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9@sha256:fa63696a69c94780f412bca7704716653cc801d1acfd50d5874b9a596ca498b4_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:0ebb907c42d8616b16f7ab34dde6f903396c9542447f86e9ac1134bd2809f376_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:2fb11102cf802c65fc7f02e65ffe39235174261acd40ef643aa283bc9f413da8_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:cff2cc97baf0fdc548aa8c8e71e379d3414bf59ab07a3850a73495a07e2676d7_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9@sha256:fef28d3c1c71923a4ca4845360e30d6ce10049e0cbf17aee7c6936e8577586a9_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:1e36af903bff954a9cd4c7df4b39e4e608cbbceec209de779ac3a330c7297d9a_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:46c5f3ea8bf9b9e46d57510ef38759f9e4ef7346299a0757d0253d38bb94670f_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:76b6f3115f75683c4e667ff7e97e6ff763a20f8d208126e1c578929ee691423b_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-interceptor-rhel9@sha256:a52f8f6b446d0a2037fd576a05438a2dcc0b6a9236f8d3492a2107aab4474bf6_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:1e3451cf5047a4c46a88022aeb58ce5cd939c2653b7ece3a4f588d6fac98b97d_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:8a3ff37bf8531c90e730f5a95a66006ec3a6e500e2d8e9594d1bf5b7eb47ee81_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:9a04175e4f015a63636055ef25c1979cebbd3fab0da1a605c9440f5949f470ef_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-operator-rhel9@sha256:b8db747e81a9c6f910b1a7eeaf1fbfd0409caf614bc6ddf60085c0f2a785e0b2_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4766579573cc93a09e419e3db97cc6bcdef2fe5e636a2f61827b65c72be43567_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:4bd8487f5cb845237b4d82a8e47be093f5784a79ebdec2a941846fdd996c29b4_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:68cc28bec85f0bcfeda1f97fb05fe5c4b3b0cf2b894136b326077b900ee2baf2_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-http-add-on-scaler-rhel9@sha256:71db2331e64153d5c74139dd903851b4c938fd47fa2d109192a20e29464d5298_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle@sha256:6b3c99042b4e92421149a1abff73e72f7e27d8b54f9cb437bad1adcb522b0a02_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:09d84c608ca161199eebf7b33f00d9cba7f843e8f07f7496d991c525f5667952_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:364c3fa02a182247e175740bd7699b946f32329c8ea8ae5ea21ae0ccc516cabb_amd64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:475c79f752cd0edd372c4835ebf9507b0dfb1693ffbe4b114a661908a53c02e4_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator@sha256:53727f920105c3184ba25a77ad861a29413bc16368f5a432f6e2feaa4c30f379_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:0babd8144a4ec880feb3a51043804bffadb261e46f318728c7878bcb8169628e_ppc64le",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:54b6bdae6abb33e94d6ec8e236cc25e5e775d61557c9ce349b0376e5380d2859_arm64",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:b875d8b089d99631e2e956f5fff58a3028545c6c7501591ce39fca45f33e62ff_s390x",
"Custom Metric Autoscaler 2.19:registry.redhat.io/custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9@sha256:cfecbaa68944d1ed40c0dab27b1a034ba429badf9572cc367a34f2c1b7ebb1b4_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/go-jose/go-jose/v3: github.com/go-jose/go-jose/v4: Go JOSE: Denial of Service via crafted JSON Web Encryption (JWE) object"
}
]
}
RHSA-2026:2681
Vulnerability from csaf_redhat - Published: 2026-02-12 17:29 - Updated: 2026-06-30 17:01Summary
Red Hat Security Advisory: Red Hat Quay 3.16.2
Severity
Important
Notes
Topic: Red Hat Quay 3.16.2 is now available with bug fixes.
Details: Quay 3.16.2
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Threats
Impact
Important
A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container's /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write.
8.2 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
20 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Threats
Impact
Important
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Threats
Impact
Important
A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Threats
Impact
Important
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x | — |
Workaround
|
Threats
Impact
Important
References
104 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.16.2 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.16.2",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2681",
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15284",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-31133",
"url": "https://access.redhat.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66471",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-21441",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2681.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.16.2",
"tracking": {
"current_release_date": "2026-06-30T17:01:39+00:00",
"generator": {
"date": "2026-06-30T17:01:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:2681",
"initial_release_date": "2026-02-12T17:29:21+00:00",
"revision_history": [
{
"date": "2026-02-12T17:29:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T18:38:34+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T17:01:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.16",
"product": {
"name": "Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.16::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816239"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770762347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3Adda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770817752"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816399"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230686"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3A9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816381"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3Afa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770841176"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3A64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816415"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770836901"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3Ae3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770762347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3Ac96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816399"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3Aafe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816381"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3A8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816415"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770836901"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel9@sha256%3A9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770762347"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel9@sha256%3A3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816399"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel9@sha256%3A146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816438"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel9@sha256%3Abf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816381"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel9@sha256%3Abbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770816415"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770836901"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"product_id": "registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel9@sha256%3A96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b?arch=arm64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770836901"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64 as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"relates_to_product_reference": "Red Hat Quay 3.16"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le as a component of Red Hat Quay 3.16",
"product_id": "Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.16"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-15284",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-29T23:00:58.541337+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2425946"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in qs, a module used for parsing query strings. A remote attacker can exploit an improper input validation vulnerability by sending specially crafted HTTP requests that use bracket notation (e.g., `a[]=value`). This bypasses the `arrayLimit` option, which is designed to limit the size of parsed arrays and prevent resource exhaustion. Successful exploitation can lead to memory exhaustion, causing a Denial of Service (DoS) where the application crashes or becomes unresponsive, making the service unavailable to users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "qs: qs: Denial of Service via improper input validation in array parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products that utilize the `qs` module for parsing query strings, particularly when processing user-controlled input with bracket notation. The `arrayLimit` option, intended to prevent resource exhaustion, is bypassed when bracket notation (`a[]=value`) is used, allowing a remote attacker to cause a denial of service through memory exhaustion. This can lead to application crashes or unresponsiveness, making the service unavailable.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15284"
},
{
"category": "external",
"summary": "RHBZ#2425946",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2425946"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15284",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15284"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15284"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9",
"url": "https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"
},
{
"category": "external",
"summary": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p",
"url": "https://github.com/ljharb/qs/security/advisories/GHSA-6rw7-vpxm-498p"
}
],
"release_date": "2025-12-29T22:56:45.240000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "qs: qs: Denial of Service via improper input validation in array parsing"
},
{
"cve": "CVE-2025-31133",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:17:18.235000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404705"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This flaw exploits an issue with how masked paths are implementedin runc. When masking files, runc will bind-mount the container\u0027s /dev/null inode on top of the file. However, if an attacker can replace /dev/null with a symlink to some other procfs file, runc will instead bind-mount the symlink target read-write.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-31133"
},
{
"category": "external",
"summary": "RHBZ#2404705",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404705"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-31133",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-31133"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-31133"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-9493-h29p-rfm2"
}
],
"release_date": "2025-11-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using user namespaces, with the host root user not mapped into the container\u0027s namespace. procfs file permissions are managed using Unix\nDAC and thus user namespaces stop a container process from being able to write to them.\n\n* Not running as a root user in the container (this includes disabling setuid binaries with noNewPrivileges). As above, procfs file permissions are managed using Unix DAC and thus non-root users cannot write to them.\n\n* Depending on the maskedPath configuration (the default configuratio nonly masks paths in /proc and /sys), using an AppArmor that blocks unexpectedwrites to any maskedPaths (as is the case with the defaultprofile used by Docker and Podman) will block attempts to exploit this issue. However, CVE-2025-52881 allows an attacker to bypass LSMlabels, and so this mitigation is not helpful when considered incombination with CVE-2025-52881.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: container escape via \u0027masked path\u0027 abuse due to mount race conditions"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66471",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2025-12-05T17:02:21.597728+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419467"
}
],
"notes": [
{
"category": "description",
"text": "A decompression handling flaw has been discovered in urllib3. When streaming a compressed response, urllib3 can perform decoding or decompression based on the HTTP Content-Encoding header (e.g., gzip, deflate, br, or zstd). The library must read compressed data from the network and decompress it until the requested chunk size is met. Any resulting decompressed data that exceeds the requested amount is held in an internal buffer for the next read operation. The decompression logic could cause urllib3 to fully decode a small amount of highly compressed data in a single operation. This can result in excessive resource consumption (high CPU usage and massive memory allocation for the decompressed data; CWE-409) on the client side, even if the application only requested a small chunk of data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 Streaming API improperly handles highly compressed data",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66471"
},
{
"category": "external",
"summary": "RHBZ#2419467",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419467"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66471",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66471"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66471"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7",
"url": "https://github.com/urllib3/urllib3/commit/c19571de34c47de3a766541b041637ba5f716ed7"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-2xpw-w6gg-jr37"
}
],
"release_date": "2025-12-05T16:06:08.531000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 Streaming API improperly handles highly compressed data"
},
{
"cve": "CVE-2026-21441",
"cwe": {
"id": "CWE-409",
"name": "Improper Handling of Highly Compressed Data (Data Amplification)"
},
"discovery_date": "2026-01-07T23:01:59.422078+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427726"
}
],
"notes": [
{
"category": "description",
"text": "urllib3 is an HTTP client library for Python. urllib3\u0027s streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the library decompresses only the necessary bytes, enabling partial content consumption. Starting in version 1.22 and prior to version 2.6.3, for HTTP redirect responses, the library would read the entire response body to drain the connection and decompress the content unnecessarily. This decompression occurred even before any read methods were called, and configured read limits did not restrict the amount of decompressed data. As a result, there was no safeguard against decompression bombs. A malicious server could exploit this to trigger excessive resource consumption on the client. Applications and libraries are affected when they stream content from untrusted sources by setting `preload_content=False` when they do not disable redirects. Users should upgrade to at least urllib3 v2.6.3, in which the library does not decode content of redirect responses when `preload_content=False`. If upgrading is not immediately possible, disable redirects by setting `redirect=False` for requests to untrusted source.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-21441"
},
{
"category": "external",
"summary": "RHBZ#2427726",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427726"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-21441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-21441"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-21441"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b",
"url": "https://github.com/urllib3/urllib3/commit/8864ac407bba8607950025e0979c4c69bc7abc7b"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-38jv-5279-wg99"
}
],
"release_date": "2026-01-07T22:09:01.936000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3 vulnerable to decompression-bomb safeguard bypass when following HTTP redirects (streaming API)"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-12T17:29:21+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:9784029a9d44a605dd28583416a7322c84189f4ee8e1bfa1be822d9260639d35_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:afe2137c2002e07f27b105b9db90030ca0f3347a038ab8418d257dabe7aefcd1_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/clair-rhel9@sha256:bf85b1b91bcbaea8cb0fc021d1f590ba3da4e0b2f8703cb449791ece5930d68c_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:dda553368706ad66215cc95b9b0306808531b0ed92b7dc7880cd2c95f8e0faed_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:3b252ccf24df27ea02a005d734eb501abf989b97b5d9e3ff57aa3b7e9633f165_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:5eb5f4aafd4fa3b53c6477424946f743bf5236ac434ddffa8a887a26a47e0fab_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-bridge-operator-rhel9@sha256:c96f472d44fff765175c4ee77ddb94bfac580105900f5e21274e959099bb97fa_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:6ac48cf92c9bb3d6eac9645ef203bcd2e475da36c182eed9ceadc3490e77a042_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:146699ff1cd4f8fdf19594ad5ce11dcafe9f8a266c94b104826c871b675f92e1_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:76354449e4e8b67bfbbfae10337b7d50fc657c909c8798fddb95dee408c3a9f2_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-builder-rhel9@sha256:8166562a51177faff8e520980153e1760a4863417a824ac15deb4314afcf1925_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:77387c33232561396c8826a393d17771bf88aaad90436c4e1e5aa36891840b16_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:1f03a49fec5f575e98c3f37ee081d5510a87172e72bc66627f935314d11a67c4_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:9969081b9da11f5a56d3ebf9ccd9428d9d59741c058abe4510e7ae3375a11519_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-container-security-operator-rhel9@sha256:e3ab3a505d3d08f7bad3c899f40727e2de524cd14c4c44b00f44b7b42f7ddd21_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-bundle@sha256:fa64c1d47fc10d14120ec9e7afc2e253620fdc28592f4d859350db4fbdf0fae2_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:64adacf9cccd05601f4a7b38a7cd55d55291583dc9d33e4cfd1e4fd426cd0936_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:8a1b8eedcb8e36ddfb1982062ad379c4f65f95260545d05d0cf10918427089d8_ppc64le",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-operator-rhel9@sha256:bbbd11d9b959ef12ae61a7975ffb08541797b0fad2d098781ec4543fd4ac2893_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:35e3dc29e64bae8c0b35d7884281397c58165a5b145676919452a02b9f56ee4c_amd64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:45de5fc478cb2734b672630c67ffee4e6b98954848b97ea9a1cc9903a53dbf8e_s390x",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:96588daff01f27db2ee335dcd957e9dec7f38a2c573e2968d9bc5835edc2957b_arm64",
"Red Hat Quay 3.16:registry.redhat.io/quay/quay-rhel9@sha256:9f58fc80db29fa44684c6e39bb2eda06e86ba34801d5e04468941ac8d0b754eb_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:2706
Vulnerability from csaf_redhat - Published: 2026-02-16 09:40 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: golang security update
Severity
Important
Notes
Topic: An update for golang is now available for Red Hat Enterprise Linux 10.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The golang packages provide the Go programming language compiler.
Security Fix(es):
* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.
7.4 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 10.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2706",
"url": "https://access.redhat.com/errata/RHSA-2026:2706"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2706.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2026-06-30T15:49:28+00:00",
"generator": {
"date": "2026-06-30T15:49:28+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:2706",
"initial_release_date": "2026-02-16T09:40:31+00:00",
"revision_history": [
{
"date": "2026-02-16T09:40:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T09:40:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:28+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:10.1"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el10_1.aarch64",
"product": {
"name": "go-toolset-0:1.25.7-1.el10_1.aarch64",
"product_id": "go-toolset-0:1.25.7-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el10_1.aarch64",
"product": {
"name": "golang-0:1.25.7-1.el10_1.aarch64",
"product_id": "golang-0:1.25.7-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el10_1.aarch64",
"product": {
"name": "golang-bin-0:1.25.7-1.el10_1.aarch64",
"product_id": "golang-bin-0:1.25.7-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el10_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el10_1.aarch64",
"product": {
"name": "golang-race-0:1.25.7-1.el10_1.aarch64",
"product_id": "golang-race-0:1.25.7-1.el10_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el10_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el10_1.ppc64le",
"product": {
"name": "go-toolset-0:1.25.7-1.el10_1.ppc64le",
"product_id": "go-toolset-0:1.25.7-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el10_1.ppc64le",
"product": {
"name": "golang-0:1.25.7-1.el10_1.ppc64le",
"product_id": "golang-0:1.25.7-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el10_1.ppc64le",
"product": {
"name": "golang-bin-0:1.25.7-1.el10_1.ppc64le",
"product_id": "golang-bin-0:1.25.7-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el10_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el10_1.ppc64le",
"product": {
"name": "golang-race-0:1.25.7-1.el10_1.ppc64le",
"product_id": "golang-race-0:1.25.7-1.el10_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el10_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el10_1.x86_64",
"product": {
"name": "go-toolset-0:1.25.7-1.el10_1.x86_64",
"product_id": "go-toolset-0:1.25.7-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el10_1.x86_64",
"product": {
"name": "golang-0:1.25.7-1.el10_1.x86_64",
"product_id": "golang-0:1.25.7-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el10_1.x86_64",
"product": {
"name": "golang-bin-0:1.25.7-1.el10_1.x86_64",
"product_id": "golang-bin-0:1.25.7-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el10_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el10_1.x86_64",
"product": {
"name": "golang-race-0:1.25.7-1.el10_1.x86_64",
"product_id": "golang-race-0:1.25.7-1.el10_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el10_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el10_1.s390x",
"product": {
"name": "go-toolset-0:1.25.7-1.el10_1.s390x",
"product_id": "go-toolset-0:1.25.7-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el10_1.s390x",
"product": {
"name": "golang-0:1.25.7-1.el10_1.s390x",
"product_id": "golang-0:1.25.7-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el10_1.s390x",
"product": {
"name": "golang-bin-0:1.25.7-1.el10_1.s390x",
"product_id": "golang-bin-0:1.25.7-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el10_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el10_1.s390x",
"product": {
"name": "golang-race-0:1.25.7-1.el10_1.s390x",
"product_id": "golang-race-0:1.25.7-1.el10_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el10_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el10_1.src",
"product": {
"name": "golang-0:1.25.7-1.el10_1.src",
"product_id": "golang-0:1.25.7-1.el10_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el10_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.7-1.el10_1.noarch",
"product": {
"name": "golang-docs-0:1.25.7-1.el10_1.noarch",
"product_id": "golang-docs-0:1.25.7-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.7-1.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.7-1.el10_1.noarch",
"product": {
"name": "golang-misc-0:1.25.7-1.el10_1.noarch",
"product_id": "golang-misc-0:1.25.7-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.7-1.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.7-1.el10_1.noarch",
"product": {
"name": "golang-src-0:1.25.7-1.el10_1.noarch",
"product_id": "golang-src-0:1.25.7-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.7-1.el10_1?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.7-1.el10_1.noarch",
"product": {
"name": "golang-tests-0:1.25.7-1.el10_1.noarch",
"product_id": "golang-tests-0:1.25.7-1.el10_1.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.7-1.el10_1?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64"
},
"product_reference": "go-toolset-0:1.25.7-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le"
},
"product_reference": "go-toolset-0:1.25.7-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x"
},
"product_reference": "go-toolset-0:1.25.7-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64"
},
"product_reference": "go-toolset-0:1.25.7-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64"
},
"product_reference": "golang-0:1.25.7-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le"
},
"product_reference": "golang-0:1.25.7-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x"
},
"product_reference": "golang-0:1.25.7-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el10_1.src as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src"
},
"product_reference": "golang-0:1.25.7-1.el10_1.src",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64"
},
"product_reference": "golang-0:1.25.7-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64"
},
"product_reference": "golang-bin-0:1.25.7-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le"
},
"product_reference": "golang-bin-0:1.25.7-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x"
},
"product_reference": "golang-bin-0:1.25.7-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64"
},
"product_reference": "golang-bin-0:1.25.7-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.7-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch"
},
"product_reference": "golang-docs-0:1.25.7-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.7-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch"
},
"product_reference": "golang-misc-0:1.25.7-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el10_1.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64"
},
"product_reference": "golang-race-0:1.25.7-1.el10_1.aarch64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el10_1.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le"
},
"product_reference": "golang-race-0:1.25.7-1.el10_1.ppc64le",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el10_1.s390x as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x"
},
"product_reference": "golang-race-0:1.25.7-1.el10_1.s390x",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el10_1.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64"
},
"product_reference": "golang-race-0:1.25.7-1.el10_1.x86_64",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.7-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch"
},
"product_reference": "golang-src-0:1.25.7-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.7-1.el10_1.noarch as a component of Red Hat Enterprise Linux AppStream (v. 10)",
"product_id": "AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
},
"product_reference": "golang-tests-0:1.25.7-1.el10_1.noarch",
"relates_to_product_reference": "AppStream-10.1.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T09:40:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2706"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T09:40:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2706"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61732",
"discovery_date": "2026-02-05T05:00:47.678207+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s \u0027cgo tool\u0027. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then \"smuggled\" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in the `cmd/cgo` component of the Go toolchain. A parsing discrepancy between Go and C/C++ comments could allow for code smuggling into the resulting `cgo` binary. This primarily affects systems where untrusted Go modules utilizing `cgo` are built, impacting Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "RHBZ#2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://go.dev/cl/734220",
"url": "https://go.dev/cl/734220"
},
{
"category": "external",
"summary": "https://go.dev/issue/76697",
"url": "https://go.dev/issue/76697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4433",
"url": "https://pkg.go.dev/vuln/GO-2026-4433"
}
],
"release_date": "2026-02-05T03:42:26.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T09:40:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2706"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T09:40:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2706"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:go-toolset-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.src",
"AppStream-10.1.Z:golang-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-bin-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-docs-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-misc-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.aarch64",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.ppc64le",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.s390x",
"AppStream-10.1.Z:golang-race-0:1.25.7-1.el10_1.x86_64",
"AppStream-10.1.Z:golang-src-0:1.25.7-1.el10_1.noarch",
"AppStream-10.1.Z:golang-tests-0:1.25.7-1.el10_1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:2708
Vulnerability from csaf_redhat - Published: 2026-02-16 10:08 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: go-toolset:rhel8 security update
Severity
Important
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.
7.4 (High)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
31 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. \n\nSecurity Fix(es):\n\n* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2708",
"url": "https://access.redhat.com/errata/RHSA-2026:2708"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2708.json"
}
],
"title": "Red Hat Security Advisory: go-toolset:rhel8 security update",
"tracking": {
"current_release_date": "2026-06-30T15:49:30+00:00",
"generator": {
"date": "2026-06-30T15:49:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:2708",
"initial_release_date": "2026-02-16T10:08:41+00:00",
"revision_history": [
{
"date": "2026-02-16T10:08:41+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T10:08:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=src\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src (go-toolset:rhel8)",
"product_id": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=src\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=noarch\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.25.2-1.module%2Bel8.10.0%2B23746%2B9db33b5e?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8)",
"product_id": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.module%2Bel8.10.0%2B23993%2B83a15e10?arch=s390x\u0026rpmmod=go-toolset:rhel8:8100020260212045823:a3795dee"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.10.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:08:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2708"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:08:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2708"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61732",
"discovery_date": "2026-02-05T05:00:47.678207+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s \u0027cgo tool\u0027. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then \"smuggled\" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in the `cmd/cgo` component of the Go toolchain. A parsing discrepancy between Go and C/C++ comments could allow for code smuggling into the resulting `cgo` binary. This primarily affects systems where untrusted Go modules utilizing `cgo` are built, impacting Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "RHBZ#2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://go.dev/cl/734220",
"url": "https://go.dev/cl/734220"
},
{
"category": "external",
"summary": "https://go.dev/issue/76697",
"url": "https://go.dev/issue/76697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4433",
"url": "https://pkg.go.dev/vuln/GO-2026-4433"
}
],
"release_date": "2026-02-05T03:42:26.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:08:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2708"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:08:41+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2708"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debuginfo-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:delve-debugsource-0:1.25.2-1.module+el8.10.0+23746+9db33b5e.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:go-toolset-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.src::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-bin-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-docs-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-misc-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.aarch64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.ppc64le::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.s390x::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-race-0:1.25.7-1.module+el8.10.0+23993+83a15e10.x86_64::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-src-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8",
"AppStream-8.10.0.Z.MAIN.EUS:golang-tests-0:1.25.7-1.module+el8.10.0+23993+83a15e10.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:2709
Vulnerability from csaf_redhat - Published: 2026-02-16 10:32 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: golang security update
Severity
Important
Notes
Topic: An update for golang is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details: The golang packages provide the Go programming language compiler.
Security Fix(es):
* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)
* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)
* cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)
* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.
7.4 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
37 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for golang is now available for Red Hat Enterprise Linux 9.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip (CVE-2025-61728)\n\n* golang: net/url: Memory exhaustion in query parameter parsing in net/url (CVE-2025-61726)\n\n* cmd/cgo: Potential code smuggling via doc comments in cmd/cgo (CVE-2025-61732)\n\n* crypto/tls: Unexpected session resumption in crypto/tls (CVE-2025-68121)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2709",
"url": "https://access.redhat.com/errata/RHSA-2026:2709"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2709.json"
}
],
"title": "Red Hat Security Advisory: golang security update",
"tracking": {
"current_release_date": "2026-06-30T15:49:30+00:00",
"generator": {
"date": "2026-06-30T15:49:30+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:2709",
"initial_release_date": "2026-02-16T10:32:31+00:00",
"revision_history": [
{
"date": "2026-02-16T10:32:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T10:32:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:30+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:9::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el9_7.aarch64",
"product": {
"name": "go-toolset-0:1.25.7-1.el9_7.aarch64",
"product_id": "go-toolset-0:1.25.7-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el9_7.aarch64",
"product": {
"name": "golang-0:1.25.7-1.el9_7.aarch64",
"product_id": "golang-0:1.25.7-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el9_7.aarch64",
"product": {
"name": "golang-bin-0:1.25.7-1.el9_7.aarch64",
"product_id": "golang-bin-0:1.25.7-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el9_7?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el9_7.aarch64",
"product": {
"name": "golang-race-0:1.25.7-1.el9_7.aarch64",
"product_id": "golang-race-0:1.25.7-1.el9_7.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el9_7?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el9_7.ppc64le",
"product": {
"name": "go-toolset-0:1.25.7-1.el9_7.ppc64le",
"product_id": "go-toolset-0:1.25.7-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el9_7.ppc64le",
"product": {
"name": "golang-0:1.25.7-1.el9_7.ppc64le",
"product_id": "golang-0:1.25.7-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el9_7.ppc64le",
"product": {
"name": "golang-bin-0:1.25.7-1.el9_7.ppc64le",
"product_id": "golang-bin-0:1.25.7-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el9_7?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el9_7.ppc64le",
"product": {
"name": "golang-race-0:1.25.7-1.el9_7.ppc64le",
"product_id": "golang-race-0:1.25.7-1.el9_7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el9_7?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el9_7.x86_64",
"product": {
"name": "go-toolset-0:1.25.7-1.el9_7.x86_64",
"product_id": "go-toolset-0:1.25.7-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el9_7.x86_64",
"product": {
"name": "golang-0:1.25.7-1.el9_7.x86_64",
"product_id": "golang-0:1.25.7-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el9_7.x86_64",
"product": {
"name": "golang-bin-0:1.25.7-1.el9_7.x86_64",
"product_id": "golang-bin-0:1.25.7-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el9_7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el9_7.x86_64",
"product": {
"name": "golang-race-0:1.25.7-1.el9_7.x86_64",
"product_id": "golang-race-0:1.25.7-1.el9_7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el9_7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.25.7-1.el9_7.s390x",
"product": {
"name": "go-toolset-0:1.25.7-1.el9_7.s390x",
"product_id": "go-toolset-0:1.25.7-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.25.7-1.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el9_7.s390x",
"product": {
"name": "golang-0:1.25.7-1.el9_7.s390x",
"product_id": "golang-0:1.25.7-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.25.7-1.el9_7.s390x",
"product": {
"name": "golang-bin-0:1.25.7-1.el9_7.s390x",
"product_id": "golang-bin-0:1.25.7-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.25.7-1.el9_7?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "golang-race-0:1.25.7-1.el9_7.s390x",
"product": {
"name": "golang-race-0:1.25.7-1.el9_7.s390x",
"product_id": "golang-race-0:1.25.7-1.el9_7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-race@1.25.7-1.el9_7?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-0:1.25.7-1.el9_7.src",
"product": {
"name": "golang-0:1.25.7-1.el9_7.src",
"product_id": "golang-0:1.25.7-1.el9_7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.25.7-1.el9_7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.25.7-1.el9_7.noarch",
"product": {
"name": "golang-docs-0:1.25.7-1.el9_7.noarch",
"product_id": "golang-docs-0:1.25.7-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.25.7-1.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.25.7-1.el9_7.noarch",
"product": {
"name": "golang-misc-0:1.25.7-1.el9_7.noarch",
"product_id": "golang-misc-0:1.25.7-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.25.7-1.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.25.7-1.el9_7.noarch",
"product": {
"name": "golang-src-0:1.25.7-1.el9_7.noarch",
"product_id": "golang-src-0:1.25.7-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.25.7-1.el9_7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.25.7-1.el9_7.noarch",
"product": {
"name": "golang-tests-0:1.25.7-1.el9_7.noarch",
"product_id": "golang-tests-0:1.25.7-1.el9_7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.25.7-1.el9_7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64"
},
"product_reference": "go-toolset-0:1.25.7-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le"
},
"product_reference": "go-toolset-0:1.25.7-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x"
},
"product_reference": "go-toolset-0:1.25.7-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.25.7-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64"
},
"product_reference": "go-toolset-0:1.25.7-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64"
},
"product_reference": "golang-0:1.25.7-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le"
},
"product_reference": "golang-0:1.25.7-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x"
},
"product_reference": "golang-0:1.25.7-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el9_7.src as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src"
},
"product_reference": "golang-0:1.25.7-1.el9_7.src",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.25.7-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64"
},
"product_reference": "golang-0:1.25.7-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64"
},
"product_reference": "golang-bin-0:1.25.7-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le"
},
"product_reference": "golang-bin-0:1.25.7-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x"
},
"product_reference": "golang-bin-0:1.25.7-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.25.7-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64"
},
"product_reference": "golang-bin-0:1.25.7-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.25.7-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch"
},
"product_reference": "golang-docs-0:1.25.7-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.25.7-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch"
},
"product_reference": "golang-misc-0:1.25.7-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el9_7.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64"
},
"product_reference": "golang-race-0:1.25.7-1.el9_7.aarch64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el9_7.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le"
},
"product_reference": "golang-race-0:1.25.7-1.el9_7.ppc64le",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el9_7.s390x as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x"
},
"product_reference": "golang-race-0:1.25.7-1.el9_7.s390x",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-race-0:1.25.7-1.el9_7.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64"
},
"product_reference": "golang-race-0:1.25.7-1.el9_7.x86_64",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.25.7-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch"
},
"product_reference": "golang-src-0:1.25.7-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.25.7-1.el9_7.noarch as a component of Red Hat Enterprise Linux AppStream (v. 9)",
"product_id": "AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
},
"product_reference": "golang-tests-0:1.25.7-1.el9_7.noarch",
"relates_to_product_reference": "AppStream-9.7.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:32:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2709"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61728",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:39.965024+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434431"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the archive/zip package in the Go standard library. A super-linear file name indexing algorithm is used in the first time a file in an archive is opened. A crafted zip archive containing a specific arrangement of file names can cause an excessive CPU and memory consumption. A Go application processing a malicious archive can become unresponsive or crash, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker needs to be able to process a malicious zip archive with an application using the archive/zip package. Additionally, this vulnerability can cause a Go application to consume an excessive amount of CPU and memory, eventually resulting in a denial of service with no other security impact. Due to these reasons, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61728"
},
{
"category": "external",
"summary": "RHBZ#2434431",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434431"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61728"
},
{
"category": "external",
"summary": "https://go.dev/cl/736713",
"url": "https://go.dev/cl/736713"
},
{
"category": "external",
"summary": "https://go.dev/issue/77102",
"url": "https://go.dev/issue/77102"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4342",
"url": "https://pkg.go.dev/vuln/GO-2026-4342"
}
],
"release_date": "2026-01-28T19:30:31.354000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:32:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2709"
},
{
"category": "workaround",
"details": "To mitigate this vulnerability, implement a timeout in your archive/zip processing logic to abort the operation if it exceeds a few seconds, preventing the application from consuming an excessive amount of resources.",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: archive/zip: Excessive CPU consumption when building archive index in archive/zip"
},
{
"cve": "CVE-2025-61732",
"discovery_date": "2026-02-05T05:00:47.678207+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s \u0027cgo tool\u0027. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then \"smuggled\" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in the `cmd/cgo` component of the Go toolchain. A parsing discrepancy between Go and C/C++ comments could allow for code smuggling into the resulting `cgo` binary. This primarily affects systems where untrusted Go modules utilizing `cgo` are built, impacting Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "RHBZ#2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://go.dev/cl/734220",
"url": "https://go.dev/cl/734220"
},
{
"category": "external",
"summary": "https://go.dev/issue/76697",
"url": "https://go.dev/issue/76697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4433",
"url": "https://pkg.go.dev/vuln/GO-2026-4433"
}
],
"release_date": "2026-02-05T03:42:26.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:32:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2709"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T10:32:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2709"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:go-toolset-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.src",
"AppStream-9.7.0.Z.MAIN:golang-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-bin-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-docs-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-misc-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.aarch64",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.ppc64le",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.s390x",
"AppStream-9.7.0.Z.MAIN:golang-race-0:1.25.7-1.el9_7.x86_64",
"AppStream-9.7.0.Z.MAIN:golang-src-0:1.25.7-1.el9_7.noarch",
"AppStream-9.7.0.Z.MAIN:golang-tests-0:1.25.7-1.el9_7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
}
]
}
RHSA-2026:2754
Vulnerability from csaf_redhat - Published: 2026-02-16 15:43 - Updated: 2026-06-30 17:01Summary
Red Hat Security Advisory: Red Hat Quay 3.9.18
Severity
Important
Notes
Topic: Red Hat Quay 3.9.18 is now available with bug fixes.
Details: Quay 3.9.18
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.
8.2 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Threats
Impact
Important
A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.
8.7 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.
8.2 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
1 product
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Workaround
|
Threats
Impact
Important
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Threats
Impact
Important
A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Important
An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.
5.3 (Medium)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Moderate
A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Threats
Impact
Important
A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.
7.5 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — | ||
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Threats
Impact
Important
A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.
7.1 (High)
Affected products
Fixed
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le | — |
Vendor Fix
fix
Workaround
|
Known not affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x | — |
Workaround
|
Threats
Impact
Important
References
102 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat Quay 3.9.18 is now available with bug fixes.",
"title": "Topic"
},
{
"category": "general",
"text": "Quay 3.9.18",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2754",
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-34156",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45337",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2024-45338",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-12816",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-52881",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61729",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-65945",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66031",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66418",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-66506",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-24049",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2754.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Quay 3.9.18",
"tracking": {
"current_release_date": "2026-06-30T17:01:41+00:00",
"generator": {
"date": "2026-06-30T17:01:41+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:2754",
"initial_release_date": "2026-02-16T15:43:51+00:00",
"revision_history": [
{
"date": "2026-02-16T15:43:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-16T17:04:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T17:01:41+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Quay 3.9",
"product": {
"name": "Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:quay:3.9::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat Quay"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-bundle@sha256%3A2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249996"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3A8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770223960"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-bundle@sha256%3A1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770249993"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-qemu-rhcos-rhel8@sha256%3A783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133825"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991332"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770306794"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-bundle@sha256%3A0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991979"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133364"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf?arch=amd64\u0026repository_url=registry.redhat.io/quay\u0026tag=1770856103"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ac30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770223960"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3Adbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991332"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3Ab3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770306794"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3A889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133364"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319?arch=ppc64le\u0026repository_url=registry.redhat.io/quay\u0026tag=1770856103"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"product_id": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-container-security-operator-rhel8@sha256%3Ae2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770223960"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"product_id": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-bridge-operator-rhel8@sha256%3A7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770230842"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"product_id": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-builder-rhel8@sha256%3A4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770991332"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"product": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"product_id": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/clair-rhel8@sha256%3A23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770306794"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"product_id": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-operator-rhel8@sha256%3Abb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770133364"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"product": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"product_id": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"product_identification_helper": {
"purl": "pkg:oci/quay-rhel8@sha256%3A53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874?arch=s390x\u0026repository_url=registry.redhat.io/quay\u0026tag=1770856103"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le"
},
"product_reference": "registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64 as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"relates_to_product_reference": "Red Hat Quay 3.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le as a component of Red Hat Quay 3.9",
"product_id": "Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
},
"product_reference": "registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le",
"relates_to_product_reference": "Red Hat Quay 3.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34156",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2024-09-06T21:20:09.377905+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2310528"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the encoding/gob package of the Golang standard library. Calling Decoder.Decoding, a message that contains deeply nested structures, can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in Go\u0027s `encoding/gob` package is of high severity because it exposes applications to potential Denial of Service (DoS) attacks through stack exhaustion. Since `gob` relies on recursive function calls to decode nested structures, an attacker could exploit this by sending crafted messages with excessively deep nesting, causing the application to panic due to stack overflow. This risk is particularly important in scenarios where untrusted or external input is processed, as it can lead to system unavailability or crashes, undermining the reliability and availability of services.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "RHBZ#2310528",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310528"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-34156",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34156"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-34156"
},
{
"category": "external",
"summary": "https://go.dev/cl/611239",
"url": "https://go.dev/cl/611239"
},
{
"category": "external",
"summary": "https://go.dev/issue/69139",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk",
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3106",
"url": "https://pkg.go.dev/vuln/GO-2024-3106"
}
],
"release_date": "2024-09-06T21:15:12.020000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion"
},
{
"cve": "CVE-2024-45337",
"cwe": {
"id": "CWE-285",
"name": "Improper Authorization"
},
"discovery_date": "2024-12-11T19:00:54.247490+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2331720"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the x/crypto/ssh go library. Applications and libraries that misuse the ServerConfig.PublicKeyCallback callback may be susceptible to an authorization bypass. For example, an attacker may send public keys A and B and authenticate with A. PublicKeyCallback would be called only twice, first with A and then with B. A vulnerable application may then make authorization decisions based on key B, for which the attacker does not control the private key. The misuse of ServerConfig.PublicKeyCallback may cause an authorization bypass.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is classified as important rather than critical because it does not directly enable unauthorized access but rather introduces a risk of authorization bypass if the application or library misuses the PublicKeyCallback API. The vulnerability relies on incorrect assumptions made by the application when handling the sequence or state of keys provided during SSH authentication. Properly implemented systems that use the Permissions field or avoid relying on external state remain unaffected. Additionally, the vulnerability does not allow direct exploitation to gain control over a system without the presence of insecure logic in the application\u0027s handling of authentication attempts.\n\n\nRed Hat Enterprise Linux(RHEL) 8 \u0026 9 and Red Hat Openshift marked as not affected as it was determined that the problem function `ServerConfig.PublicKeyCallback`, as noted in the CVE-2024-45337 issue, is not called by Podman, Buildah, containers-common, or the gvisor-tap-vsock projects.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45337"
},
{
"category": "external",
"summary": "RHBZ#2331720",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2331720"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45337",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45337"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45337"
},
{
"category": "external",
"summary": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909",
"url": "https://github.com/golang/crypto/commit/b4f1988a35dee11ec3e05d6bf3e90b695fbd8909"
},
{
"category": "external",
"summary": "https://go.dev/cl/635315",
"url": "https://go.dev/cl/635315"
},
{
"category": "external",
"summary": "https://go.dev/issue/70779",
"url": "https://go.dev/issue/70779"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ",
"url": "https://groups.google.com/g/golang-announce/c/-nPEi39gI4Q/m/cGVPJCqdAQAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3321",
"url": "https://pkg.go.dev/vuln/GO-2024-3321"
}
],
"release_date": "2024-12-11T18:55:58.506000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/crypto/ssh: Misuse of ServerConfig.PublicKeyCallback may cause authorization bypass in golang.org/x/crypto"
},
{
"cve": "CVE-2024-45338",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2024-12-18T21:00:59.938173+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2333122"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang.org/x/net/html. This flaw allows an attacker to craft input to the parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This issue can cause a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated as an Important severity because an attacker can craft malicious input that causes the parsing functions to process data non-linearly, resulting in significant delays which leads to a denial of service by exhausting system resources.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2024-45338"
},
{
"category": "external",
"summary": "RHBZ#2333122",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2333122"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2024-45338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45338"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-45338"
},
{
"category": "external",
"summary": "https://go.dev/cl/637536",
"url": "https://go.dev/cl/637536"
},
{
"category": "external",
"summary": "https://go.dev/issue/70906",
"url": "https://go.dev/issue/70906"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ",
"url": "https://groups.google.com/g/golang-announce/c/wSCRmFnNmPA/m/Lvcd0mRMAwAJ"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2024-3333",
"url": "https://pkg.go.dev/vuln/GO-2024-3333"
}
],
"release_date": "2024-12-18T20:38:22.660000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang.org/x/net/html: Non-linear parsing of case-insensitive content in golang.org/x/net/html"
},
{
"cve": "CVE-2025-12816",
"cwe": {
"id": "CWE-179",
"name": "Incorrect Behavior Order: Early Validation"
},
"discovery_date": "2025-11-25T20:01:05.875196+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417097"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in node-forge. This vulnerability allows unauthenticated attackers to bypass downstream cryptographic verifications and security decisions via crafting ASN.1 (Abstract Syntax Notation One) structures to desynchronize schema validations, yielding a semantic divergence.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products due to an interpretation conflict in the node-forge library. An unauthenticated attacker could exploit this flaw by crafting malicious ASN.1 structures, leading to a bypass of cryptographic verifications and security decisions in affected applications. This impacts various Red Hat products that utilize node-forge for cryptographic operations.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-12816"
},
{
"category": "external",
"summary": "RHBZ#2417097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-12816",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-12816"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-12816"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge",
"url": "https://github.com/digitalbazaar/forge"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/pull/1124",
"url": "https://github.com/digitalbazaar/forge/pull/1124"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-5gfm-wpxj-wjgq"
},
{
"category": "external",
"summary": "https://kb.cert.org/vuls/id/521113",
"url": "https://kb.cert.org/vuls/id/521113"
},
{
"category": "external",
"summary": "https://www.npmjs.com/package/node-forge",
"url": "https://www.npmjs.com/package/node-forge"
}
],
"release_date": "2025-11-25T19:15:50.243000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-forge: node-forge: Interpretation conflict vulnerability allows bypassing cryptographic verifications"
},
{
"cve": "CVE-2025-52881",
"cwe": {
"id": "CWE-59",
"name": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
},
"discovery_date": "2025-10-17T14:19:18.652000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2404715"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in runc. This attack is a more sophisticated variant of CVE-2019-16884, which was a flaw that allowed an attacker to trick runc into writing the LSM process labels for a container process into a dummy tmpfs file and thus not apply the correct LSM labels to the container process. The mitigation applied for CVE-2019-16884 was fairly limited and effectively only caused runc to verify that when we write LSM labels that those labels are actual procfs files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat considers this as an Important flaw since the impact is limited to local attack with minimal privileges in order to jeopardize the environment.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-52881"
},
{
"category": "external",
"summary": "RHBZ#2404715",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2404715"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-52881",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-52881"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-52881"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm",
"url": "https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm"
},
{
"category": "external",
"summary": "https://github.com/opencontainers/selinux/pull/237",
"url": "https://github.com/opencontainers/selinux/pull/237"
}
],
"release_date": "2025-11-05T09:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Potential mitigations for this issue include:\n\n* Using rootless containers, as doing so will block most of the inadvertent writes (runc would run with reduced privileges, making attempts to write to procfs files ineffective).\n* Based on our analysis, neither AppArmor or SELinux can protect against the full version of the redirected write attack. The container runtime is generally privileged enough to write to arbitrary procfs files, which is more than sufficient to cause a container breakout.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "runc: opencontainers/selinux: container escape and denial of service due to arbitrary write gadgets and procfs write redirects"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-65945",
"cwe": {
"id": "CWE-347",
"name": "Improper Verification of Cryptographic Signature"
},
"discovery_date": "2025-12-04T19:01:14.733682+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in auth0/node-jws. This vulnerability allows improper signature verification via using the HS256 (Hash-based Message Authentication Code using SHA-256) algorithm under specific conditions, where applications use the jws.createVerify() function for HMAC (Keyed-Hash Message Authentication Code) algorithms and user-provided data from the JSON (JavaScript Object Notation) Web Signature protected header or payload in HMAC secret lookup routines.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-65945"
},
{
"category": "external",
"summary": "RHBZ#2418904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-65945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-65945"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-65945"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e",
"url": "https://github.com/auth0/node-jws/commit/34c45b2c04434f925b638de6a061de9339c0ea2e"
},
{
"category": "external",
"summary": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x",
"url": "https://github.com/auth0/node-jws/security/advisories/GHSA-869p-cjfg-cm3x"
}
],
"release_date": "2025-12-04T18:45:37.517000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "node-jws: auth0/node-jws: Improper signature verification in HS256 algorithm"
},
{
"cve": "CVE-2025-66031",
"cwe": {
"id": "CWE-674",
"name": "Uncontrolled Recursion"
},
"discovery_date": "2025-11-26T23:01:36.363253+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2417397"
}
],
"notes": [
{
"category": "description",
"text": "An ASN.1 Denial of Service (Dos) vulnerability exists in the node-forge asn1.fromDer function within forge/lib/asn1.js. The ASN.1 DER parser implementation (_fromDer) recurses for every constructed ASN.1 value (SEQUENCE, SET, etc.) and lacks a guard limiting recursion depth. An attacker can craft a small DER blob containing a very large nesting depth of constructed TLVs which causes the Node.js V8 engine to exhaust its call stack and throw RangeError: Maximum call stack size exceeded, crashing or incapacitating the process handling the parse. This is a remote, low-cost Denial-of-Service against applications that parse untrusted ASN.1 objects.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "node-forge: node-forge ASN.1 Unbounded Recursion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66031"
},
{
"category": "external",
"summary": "RHBZ#2417397",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2417397"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66031",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66031"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66031"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451",
"url": "https://github.com/digitalbazaar/forge/commit/260425c6167a38aae038697132483b5517b26451"
},
{
"category": "external",
"summary": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27",
"url": "https://github.com/digitalbazaar/forge/security/advisories/GHSA-554w-wpv2-vw27"
}
],
"release_date": "2025-11-26T22:23:26.013000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "node-forge: node-forge ASN.1 Unbounded Recursion"
},
{
"cve": "CVE-2025-66418",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2025-12-05T17:01:20.277857+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419455"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in urllib3 Python library that could lead to a Denial of Service condition. A remote, malicious server can exploit this flaw by responding to a client request with an HTTP message that uses an excessive number of chained compression algorithms. This unlimited decompression chain causes the client system to consume a virtually unbounded amount of CPU resources and memory. The high resource usage leads to service disruption, making the application unresponsive.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66418"
},
{
"category": "external",
"summary": "RHBZ#2419455",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419455"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66418",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66418"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66418"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8",
"url": "https://github.com/urllib3/urllib3/commit/24d7b67eac89f94e11003424bcf0d8f7b72222a8"
},
{
"category": "external",
"summary": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53",
"url": "https://github.com/urllib3/urllib3/security/advisories/GHSA-gm62-xv2j-4w53"
}
],
"release_date": "2025-12-05T16:02:15.271000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "urllib3: urllib3: Unbounded decompression chain leads to resource exhaustion"
},
{
"cve": "CVE-2025-66506",
"cwe": {
"id": "CWE-405",
"name": "Asymmetric Resource Consumption (Amplification)"
},
"discovery_date": "2025-12-04T23:01:20.507333+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2419056"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Fulcio, a free-to-use certificate authority. This vulnerability allows a denial of service (DoS) due to excessive memory allocation when processing a malicious OpenID Connect (OIDC) identity token containing numerous period characters.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat as Fulcio, a certificate authority used for issuing code signing certificates, is susceptible to a denial of service when processing a specially crafted OpenID Connect (OIDC) token. This could lead to resource exhaustion and service unavailability in affected Red Hat products that utilize Fulcio.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-66506"
},
{
"category": "external",
"summary": "RHBZ#2419056",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2419056"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-66506",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-66506"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-66506"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a",
"url": "https://github.com/sigstore/fulcio/commit/765a0e57608b9ef390e1eeeea8595b9054c63a5a"
},
{
"category": "external",
"summary": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw",
"url": "https://github.com/sigstore/fulcio/security/advisories/GHSA-f83f-xpx7-ffpw"
}
],
"release_date": "2025-12-04T22:04:41.637000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "github.com/sigstore/fulcio: Fulcio: Denial of Service via crafted OpenID Connect (OIDC) token"
},
{
"cve": "CVE-2026-24049",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2026-01-22T05:00:54.709179+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2431959"
}
],
"notes": [
{
"category": "description",
"text": "A path traversal flaw has been discovered in the python wheel too. The unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the archive header for the chmod operation, even though the extraction process itself might have sanitized the path. Attackers can craft a malicious wheel file that, when unpacked, changes the permissions of critical system files (e.g., /etc/passwd, SSH keys, config files), allowing for Privilege Escalation or arbitrary code execution by modifying now-writable scripts.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"known_not_affected": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-24049"
},
{
"category": "external",
"summary": "RHBZ#2431959",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2431959"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-24049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-24049"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24049"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef",
"url": "https://github.com/pypa/wheel/commit/7a7d2de96b22a9adf9208afcc9547e1001569fef"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/releases/tag/0.46.2",
"url": "https://github.com/pypa/wheel/releases/tag/0.46.2"
},
{
"category": "external",
"summary": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx",
"url": "https://github.com/pypa/wheel/security/advisories/GHSA-8rrh-rw8j-w5fx"
}
],
"release_date": "2026-01-22T04:02:08.706000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-16T15:43:51+00:00",
"details": "Before applying this update, make sure all previously released errata relevant\nto your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:23e78fc33f834e7642200ebd89a25f6df96086ebc85b7b796c12defdaf6db55f_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:2a0c6197cfdf75f8e61c9b0b87c4ac6698eb2bd74b80a1a18b8aa7e3b58a7b01_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/clair-rhel8@sha256:b3a69da280042a4a49b46b4c5d68fb801fdfb48ca34838ea95f8689bfd7cec7f_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-bundle@sha256:1ed8034054fb250e96f4ae309456ad9c91c85a4f48e6bad04ee3a941ddf5bd6d_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:1afddea1de67e463112304bbcc542ea3d9196007555b081019272d54726500d6_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:3697f2c97db2d2bc79bd5497cac707527aa20a515dc8518b2cbe90558d12b9a0_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-bridge-operator-rhel8@sha256:7affc63bf40c45403c588abf5dfb1d0f4c5927167a55710bc428fd6162171ed8_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-qemu-rhcos-rhel8@sha256:783306371d102407ac1ed97c329cf370324538c7bfe35476d0530e79472a036b_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:30a5752fa7bfa250cbd36e4d96a2109f539cd8a00b51f6b7e091161ac212b5dd_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:4f8a3dbc431ebd001943b4d2af1a0bd616462e1773e6af87fb03fe0f4e788b2c_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-builder-rhel8@sha256:dbded8952fe20c611f5f0c75df4e4361f71a7416d7e5a9c69f837c6a6f3a55e3_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-bundle@sha256:2d53cc0c05bfa533348e4b4718707688dbfed79f3c6fc2e78b49881c7cd4bd66_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:8087b2f8f5b4b11368129427a054891e7a5cfedfe2a0e403aedc1d4ff0d9a053_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:c30ff14fc21c1656c3dede8d71b5424db37974215fb6ba5941a3c82613527a75_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-container-security-operator-rhel8@sha256:e2feb4a831e033a4ead342e72357c28e7c0ed7681bdd4c4d150ef1ecf968923b_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-bundle@sha256:0b79ca52ec69f9ca331876132740653f6ee6c7c01df176268cd581c67d3627e1_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:435ec27ca9b4cee51effcb277e34b999f148725a1f2e7b8bde52d76730a41904_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:889a5c7117b71ee4001bfaedbc88bd87055d2969b7d4b232a604e0559d6e39f8_ppc64le",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-operator-rhel8@sha256:bb73f7061e402e9b5beb80afbb4d521d9caa1a3745f8f645d0458e78fe4de592_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:53559b73783776cad55684eaac61524a9c17669cb62b5794737c3e4c5688d874_s390x",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8add5a3b448723ff62e1ede9749cc970516a6af55045bd63ede8062b11fe4faf_amd64",
"Red Hat Quay 3.9:registry.redhat.io/quay/quay-rhel8@sha256:8bd901f9d03817e599a73b4f4355236320bec1b803bd9507383277f27fde4319_ppc64le"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "wheel: wheel: Privilege Escalation or Arbitrary Code Execution via malicious wheel file unpacking"
}
]
}
RHSA-2026:28047
Vulnerability from csaf_redhat - Published: 2026-06-22 21:01 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update
Severity
Important
Notes
Topic: An update for etcd is now available for Red Hat OpenStack Platform 17.1
(Wallaby).
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details: etcd is a highly-available key value store for shared configuration.
Security Fix(es):
* net/url: Memory exhaustion in query parameter parsing in net/url
(CVE-2025-61726)
* golang: Denial of Service due to excessive resource consumption via
crafted certificate (CVE-2025-61729)
* Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)
* Incorrect enforcement of email constraints in crypto/x509
(CVE-2026-27137)
* crypto/tls: golang: Go: Denial of Service vulnerability in certificate
chain building (CVE-2026-32280)
* golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update
messages (CVE-2026-32283)
* google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to
improper HTTP/2 path validation (CVE-2026-33186)
* golang: Go crypto/x509: Certificate validation bypass due to incorrect
DNS constraint application (CVE-2026-33810)
* crypto/tls: Incorrect certificate validation during TLS session
resumption (CVE-2025-68121)
* internal/syscall/unix: Root.Chmod can follow symlinks out of the root
(CVE-2026-32282)
* etcd: Authorization bypass allows information disclosure and denial of
service (CVE-2026-33413)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page listed in the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.
7.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.
9.1 (Critical)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Important
A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lease management, and trigger data compaction, leading to permanent data loss and disruption of critical workflows. This vulnerability can result in information disclosure and denial of service.
7.7 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
Workaround
|
Threats
Impact
Moderate
A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.
8.8 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: 9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 | — |
Vendor Fix
fix
|
Threats
Impact
Important
References
90 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for etcd is now available for Red Hat OpenStack Platform 17.1\n(Wallaby).\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "etcd is a highly-available key value store for shared configuration.\n\nSecurity Fix(es):\n\n* net/url: Memory exhaustion in query parameter parsing in net/url\n(CVE-2025-61726)\n\n* golang: Denial of Service due to excessive resource consumption via\ncrafted certificate (CVE-2025-61729)\n\n* Incorrect parsing of IPv6 host literals in net/url (CVE-2026-25679)\n\n* Incorrect enforcement of email constraints in crypto/x509\n(CVE-2026-27137)\n\n* crypto/tls: golang: Go: Denial of Service vulnerability in certificate\nchain building (CVE-2026-32280)\n\n* golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update\nmessages (CVE-2026-32283)\n\n* google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to\nimproper HTTP/2 path validation (CVE-2026-33186)\n\n* golang: Go crypto/x509: Certificate validation bypass due to incorrect\nDNS constraint application (CVE-2026-33810)\n\n* crypto/tls: Incorrect certificate validation during TLS session\nresumption (CVE-2025-68121)\n\n* internal/syscall/unix: Root.Chmod can follow symlinks out of the root\n(CVE-2026-32282)\n\n* etcd: Authorization bypass allows information disclosure and denial of\nservice (CVE-2026-33413)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:28047",
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "2451728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451728"
},
{
"category": "external",
"summary": "2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_28047.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenStack Platform 17.1 (etcd) security update",
"tracking": {
"current_release_date": "2026-06-30T15:49:31+00:00",
"generator": {
"date": "2026-06-30T15:49:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:28047",
"initial_release_date": "2026-06-22T21:01:08+00:00",
"revision_history": [
{
"date": "2026-06-22T21:01:08+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-06-22T21:01:08+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenStack Platform 17.1",
"product": {
"name": "Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.4.26-9.5.el9ost.src",
"product": {
"name": "etcd-0:3.4.26-9.5.el9ost.src",
"product_id": "etcd-0:3.4.26-9.5.el9ost.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.4.26-9.5.el9ost?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "etcd-0:3.4.26-9.5.el9ost.x86_64",
"product": {
"name": "etcd-0:3.4.26-9.5.el9ost.x86_64",
"product_id": "etcd-0:3.4.26-9.5.el9ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd@3.4.26-9.5.el9ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64",
"product": {
"name": "etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64",
"product_id": "etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debugsource@3.4.26-9.5.el9ost?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"product": {
"name": "etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"product_id": "etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/etcd-debuginfo@3.4.26-9.5.el9ost?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.4.26-9.5.el9ost.src as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src"
},
"product_reference": "etcd-0:3.4.26-9.5.el9ost.src",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-0:3.4.26-9.5.el9ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64"
},
"product_reference": "etcd-0:3.4.26-9.5.el9ost.x86_64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64"
},
"product_reference": "etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"relates_to_product_reference": "9Base-RHOS-17.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64 as a component of Red Hat OpenStack Platform 17.1",
"product_id": "9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
},
"product_reference": "etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64",
"relates_to_product_reference": "9Base-RHOS-17.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61729",
"cwe": {
"id": "CWE-1050",
"name": "Excessive Platform Resource Consumption within a Loop"
},
"discovery_date": "2025-12-02T20:01:45.330964+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2418462"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in golang. A remote attacker could exploit this vulnerability by providing a specially crafted certificate during the error string construction process within the `HostnameError.Error()` function. This flaw, caused by unbounded string concatenation, leads to excessive resource consumption. Successful exploitation can result in a denial of service (DoS) for the affected system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61729"
},
{
"category": "external",
"summary": "RHBZ#2418462",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2418462"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61729",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61729"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61729"
},
{
"category": "external",
"summary": "https://go.dev/cl/725920",
"url": "https://go.dev/cl/725920"
},
{
"category": "external",
"summary": "https://go.dev/issue/76445",
"url": "https://go.dev/issue/76445"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4",
"url": "https://groups.google.com/g/golang-announce/c/8FJoBkPddm4"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2025-4155",
"url": "https://pkg.go.dev/vuln/GO-2025-4155"
}
],
"release_date": "2025-12-02T18:54:10.166000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate"
},
{
"cve": "CVE-2025-68121",
"discovery_date": "2026-02-05T18:01:30.086058+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437111"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the crypto/tls component. This vulnerability occurs during Transport Layer Security (TLS) session resumption when certificate authority (CA) settings are modified between the initial and resumed handshakes. An attacker could exploit this to bypass certificate validation, allowing a client or server to establish a connection that should have been rejected. This could lead to an authentication bypass under specific conditions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is a moderate flaw because it only occurs under specific conditions, such as TLS session resumption with runtime changes to certificate authority settings. Exploitation is not straightforward and requires a controlled setup. The impact is limited to certificate validation within the same component and does not affect system availability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-68121"
},
{
"category": "external",
"summary": "RHBZ#2437111",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437111"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-68121",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68121"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68121"
},
{
"category": "external",
"summary": "https://go.dev/cl/737700",
"url": "https://go.dev/cl/737700"
},
{
"category": "external",
"summary": "https://go.dev/issue/77217",
"url": "https://go.dev/issue/77217"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4337",
"url": "https://pkg.go.dev/vuln/GO-2026-4337"
}
],
"release_date": "2026-02-05T17:48:44.141000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "crypto/tls: crypto/tls: Incorrect certificate validation during TLS session resumption"
},
{
"cve": "CVE-2026-25679",
"cwe": {
"id": "CWE-1286",
"name": "Improper Validation of Syntactic Correctness of Input"
},
"discovery_date": "2026-03-06T22:02:11.567841+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445356"
}
],
"notes": [
{
"category": "description",
"text": "The Go standard library function net/url.Parse insufficiently validated the host/authority component and accepted some invalid URLs by effectively treating garbage before an IP-literal as ignorable. The function should have rejected this as invalid.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "net/url: Incorrect parsing of IPv6 host literals in net/url",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-25679"
},
{
"category": "external",
"summary": "RHBZ#2445356",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445356"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-25679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-25679"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-25679"
},
{
"category": "external",
"summary": "https://go.dev/cl/752180",
"url": "https://go.dev/cl/752180"
},
{
"category": "external",
"summary": "https://go.dev/issue/77578",
"url": "https://go.dev/issue/77578"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4601",
"url": "https://pkg.go.dev/vuln/GO-2026-4601"
}
],
"release_date": "2026-03-06T21:28:14.211000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "net/url: Incorrect parsing of IPv6 host literals in net/url"
},
{
"cve": "CVE-2026-27137",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2026-03-06T22:01:38.859733+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2445345"
}
],
"notes": [
{
"category": "description",
"text": "A certificate validation flaw has been discovered in the golang crypto/x509 module. When verifying a certificate chain which contains a certificate containing multiple email address constraints which share common local portions but different domain portions, these constraints will not be properly applied, and only the last constraint will be considered.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-27137"
},
{
"category": "external",
"summary": "RHBZ#2445345",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2445345"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-27137",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-27137"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-27137"
},
{
"category": "external",
"summary": "https://go.dev/cl/752182",
"url": "https://go.dev/cl/752182"
},
{
"category": "external",
"summary": "https://go.dev/issue/77952",
"url": "https://go.dev/issue/77952"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk",
"url": "https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4599",
"url": "https://pkg.go.dev/vuln/GO-2026-4599"
}
],
"release_date": "2026-03-06T21:28:13.748000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: Incorrect enforcement of email constraints in crypto/x509"
},
{
"cve": "CVE-2026-32280",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-04-08T02:01:19.572351+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456339"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go standard library packages `crypto/x509` and `crypto/tls`. During the process of building a certificate chain, an attacker can provide a large number of intermediate certificates. This excessive input is not properly limited, leading to an uncontrolled amount of work being performed. This can result in a denial of service (DoS) condition, making the affected system or application unavailable to legitimate users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32280"
},
{
"category": "external",
"summary": "RHBZ#2456339",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456339"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32280",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32280"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32280"
},
{
"category": "external",
"summary": "https://go.dev/cl/758320",
"url": "https://go.dev/cl/758320"
},
{
"category": "external",
"summary": "https://go.dev/issue/78282",
"url": "https://go.dev/issue/78282"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4947",
"url": "https://pkg.go.dev/vuln/GO-2026-4947"
}
],
"release_date": "2026-04-08T01:06:58.595000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: crypto/tls: golang: Go: Denial of Service vulnerability in certificate chain building"
},
{
"cve": "CVE-2026-32282",
"cwe": {
"id": "CWE-367",
"name": "Time-of-check Time-of-use (TOCTOU) Race Condition"
},
"discovery_date": "2026-04-08T02:01:12.683211+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456336"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the `Root.Chmod` function is replaced with a symbolic link during execution, specifically after `Root.Chmod` checks the target but before acting, the `chmod` operation will be performed on the file the symbolic link points to. This issue can bypass directory restrictions and lead to unauthorized permission changes on the filesystem.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this issue, an attacker needs access to the system and the required permissions to create a symbolic link. Additionally, the attacker must swap the target file with a symbolic link in the exact window after the `Root.Chmod` function checks its target but before acting. Due to these conditions, this flaw has been rated with a moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32282"
},
{
"category": "external",
"summary": "RHBZ#2456336",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456336"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32282",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32282"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32282"
},
{
"category": "external",
"summary": "https://go.dev/cl/763761",
"url": "https://go.dev/cl/763761"
},
{
"category": "external",
"summary": "https://go.dev/issue/78293",
"url": "https://go.dev/issue/78293"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4864",
"url": "https://pkg.go.dev/vuln/GO-2026-4864"
}
],
"release_date": "2026-04-08T01:06:55.953000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root"
},
{
"cve": "CVE-2026-32283",
"cwe": {
"id": "CWE-764",
"name": "Multiple Locks of a Critical Resource"
},
"discovery_date": "2026-04-08T02:01:16.213799+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456338"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/tls` package within the Go (golang) standard library, specifically affecting TLS 1.3 connections. A remote attacker can exploit this vulnerability by sending multiple key update messages in a single record after the handshake. This can cause the connection to deadlock, leading to uncontrolled consumption of resources and ultimately a denial of service (DoS).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-32283"
},
{
"category": "external",
"summary": "RHBZ#2456338",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456338"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-32283"
},
{
"category": "external",
"summary": "https://go.dev/cl/763767",
"url": "https://go.dev/cl/763767"
},
{
"category": "external",
"summary": "https://go.dev/issue/78334",
"url": "https://go.dev/issue/78334"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4870",
"url": "https://pkg.go.dev/vuln/GO-2026-4870"
}
],
"release_date": "2026-04-08T01:06:57.670000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/tls: golang: Go crypto/tls: Denial of Service via multiple TLS 1.3 key update messages"
},
{
"cve": "CVE-2026-33186",
"cwe": {
"id": "CWE-551",
"name": "Incorrect Behavior Order: Authorization Before Parsing and Canonicalization"
},
"discovery_date": "2026-03-20T23:02:27.802640+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2449833"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in gRPC-Go, the Go language implementation of gRPC. This vulnerability, an authorization bypass, is caused by improper input validation of the HTTP/2 `:path` pseudo-header. A remote attacker can exploit this by sending raw HTTP/2 frames with a malformed `:path` that omits the mandatory leading slash. This allows the attacker to bypass defined security policies, potentially leading to unauthorized access to services or information disclosure.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33186"
},
{
"category": "external",
"summary": "RHBZ#2449833",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2449833"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33186",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33186"
},
{
"category": "external",
"summary": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3",
"url": "https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3"
}
],
"release_date": "2026-03-20T22:23:32.147000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "workaround",
"details": "To mitigate this issue, implement infrastructure-level normalization to ensure all incoming HTTP/2 `:path` headers are properly formatted with a leading slash before reaching the gRPC-Go server. This can be achieved by configuring a reverse proxy or API gateway to validate and normalize the `:path` header. Ensure that any such intermediary is properly configured and restarted to apply the changes, which may temporarily impact service availability.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "google.golang.org/grpc/grpc-go: google.golang.org/grpc/authz: gRPC-Go: Authorization bypass due to improper HTTP/2 path validation"
},
{
"cve": "CVE-2026-33413",
"cwe": {
"id": "CWE-306",
"name": "Missing Authentication for Critical Function"
},
"discovery_date": "2026-03-26T14:03:01.896580+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2451728"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in etcd, a distributed key-value store. Unauthorized users can bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients. This allows them to access sensitive cluster topology information, disrupt operations through alarms, interfere with lease management, and trigger data compaction, leading to permanent data loss and disruption of critical workflows. This vulnerability can result in information disclosure and denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "etcd: etcd: Authorization bypass allows information disclosure and denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw in etcd allows unauthorized users to bypass authentication or authorization checks when the gRPC API is exposed to untrusted clients and etcd\u0027s built-in authentication is enabled. This can lead to information disclosure and denial of service. Typical Red Hat OpenShift Container Platform and Kubernetes deployments are not affected, as the Kubernetes API server handles authentication and authorization independently of etcd\u0027s internal mechanisms.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33413"
},
{
"category": "external",
"summary": "RHBZ#2451728",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2451728"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33413"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33413",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33413"
},
{
"category": "external",
"summary": "https://github.com/etcd-io/etcd/security/advisories/GHSA-q8m4-xhhv-38mg",
"url": "https://github.com/etcd-io/etcd/security/advisories/GHSA-q8m4-xhhv-38mg"
}
],
"release_date": "2026-03-26T13:36:10.919000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
},
{
"category": "workaround",
"details": "Restrict network access to etcd server ports to ensure only trusted components can establish connections. Implement strong client identity at the transport layer, such as mTLS, with tightly scoped client certificate distribution. This will limit unauthorized access to etcd functions.",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:H",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "etcd: etcd: Authorization bypass allows information disclosure and denial of service"
},
{
"cve": "CVE-2026-33810",
"cwe": {
"id": "CWE-1289",
"name": "Improper Validation of Unsafe Equivalence in Input"
},
"discovery_date": "2026-04-08T02:01:09.100830+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2456335"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the `crypto/x509` package within Go (golang). When verifying a certificate chain, excluded DNS (Domain Name System) constraints are not correctly applied to wildcard DNS Subject Alternative Names (SANs) if the case of the SAN differs from the constraint. This oversight could allow an attacker to bypass certificate validation, potentially leading to the acceptance of a malicious certificate that should have been rejected. This issue specifically impacts the validation of trusted certificate chains.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-33810"
},
{
"category": "external",
"summary": "RHBZ#2456335",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2456335"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-33810",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-33810"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-33810"
},
{
"category": "external",
"summary": "https://go.dev/cl/763763",
"url": "https://go.dev/cl/763763"
},
{
"category": "external",
"summary": "https://go.dev/issue/78332",
"url": "https://go.dev/issue/78332"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU",
"url": "https://groups.google.com/g/golang-announce/c/0uYbvbPZRWU"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4866",
"url": "https://pkg.go.dev/vuln/GO-2026-4866"
}
],
"release_date": "2026-04-08T01:06:56.546000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-06-22T21:01:08+00:00",
"details": "For details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:28047"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.src",
"9Base-RHOS-17.1:etcd-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debuginfo-0:3.4.26-9.5.el9ost.x86_64",
"9Base-RHOS-17.1:etcd-debugsource-0:3.4.26-9.5.el9ost.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "crypto/x509: golang: Go crypto/x509: Certificate validation bypass due to incorrect DNS constraint application"
}
]
}
RHSA-2026:2844
Vulnerability from csaf_redhat - Published: 2026-02-17 18:20 - Updated: 2026-06-30 15:49Summary
Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.1 Release.
Severity
Important
Notes
Topic: Red Hat OpenShift Dev Spaces 3.26.1 has been released.
Details: 3.26.1 includes CVE fixes for CVE-2025-15467, CVE-2025-6176, CVE-2026-1761, CVE-2026-0719, CVE-2025-61732, and CVE-2025-61726.
Red Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.
The 3.26 release is based on Eclipse Che 7.113 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.
Users still using the v1 standard should migrate as soon as possible.
https://devfile.io/docs/2.2.0/migrating-to-devfile-v2
Dev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.
https://access.redhat.com/support/policy/updates/openshift#crw
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Scrapy are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.
7.5 (High)
Affected products
Fixed
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
29 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.
9.8 (Critical)
Affected products
Fixed
40 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.
7.5 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in Go's 'cgo tool'. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then "smuggled" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.
7.4 (High)
Affected products
Fixed
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 | — |
Vendor Fix
fix
|
Known not affected
49 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le | — | ||
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 | — |
Threats
Impact
Important
A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.
8.6 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 | — |
Workaround
|
Threats
Impact
Important
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.
8.6 (High)
Affected products
Fixed
12 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le | — |
Vendor Fix
fix
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 | — |
Vendor Fix
fix
Workaround
|
Known not affected
41 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le | — |
Workaround
|
|
| Unresolved product id: Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 | — |
Workaround
|
Threats
Impact
Important
References
45 references
Acknowledgments
treeplus
Naoki Wakamatsu
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Dev Spaces 3.26.1 has been released.",
"title": "Topic"
},
{
"category": "general",
"text": "3.26.1 includes CVE fixes for CVE-2025-15467, CVE-2025-6176, CVE-2026-1761, CVE-2026-0719, CVE-2025-61732, and CVE-2025-61726.\nRed Hat OpenShift Dev Spaces provides a cloud developer workspace server and a browser-based IDE built for teams and organizations. Dev Spaces runs in OpenShift and is well-suited for container-based development.\nThe 3.26 release is based on Eclipse Che 7.113 and uses the DevWorkspace engine to provide support for workspaces based on devfile v2.1 and v2.2.\nUsers still using the v1 standard should migrate as soon as possible.\nhttps://devfile.io/docs/2.2.0/migrating-to-devfile-v2\nDev Spaces supports OpenShift EUS releases v4.16 and higher. Users are expected to update to supported OpenShift releases in order to continue to get Dev Spaces updates.\nhttps://access.redhat.com/support/policy/updates/openshift#crw",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2026:2844",
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.26/html/administration_guide/installing-devspaces",
"url": "https://access.redhat.com/documentation/en-us/red_hat_openshift_dev_spaces/3.26/html/administration_guide/installing-devspaces"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-15467",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61726",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-61732",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2025-6176",
"url": "https://access.redhat.com/security/cve/CVE-2025-6176"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-0719",
"url": "https://access.redhat.com/security/cve/CVE-2026-0719"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/cve/CVE-2026-1761",
"url": "https://access.redhat.com/security/cve/CVE-2026-1761"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/",
"url": "https://access.redhat.com/security/updates/classification/"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2026/rhsa-2026_2844.json"
}
],
"title": "Red Hat Security Advisory: Red Hat OpenShift Dev Spaces 3.26.1 Release.",
"tracking": {
"current_release_date": "2026-06-30T15:49:31+00:00",
"generator": {
"date": "2026-06-30T15:49:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "5.3.1"
}
},
"id": "RHSA-2026:2844",
"initial_release_date": "2026-02-17T18:20:32+00:00",
"revision_history": [
{
"date": "2026-02-17T18:20:32+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2026-02-17T18:20:39+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-06-30T15:49:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product": {
"name": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift_devspaces:3.26::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Dev Spaces (RHOSDS)"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Ad93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770495424"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Ae81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494649"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770764461"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Af13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770759517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3Ae724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3A619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770851052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494431"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"product_id": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-operator-bundle@sha256%3A1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770925072"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770918006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770332067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3Accedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494726"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1?arch=amd64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770913862"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3Aa03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770495424"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3Aa9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494649"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Affdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3A20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770764461"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Ab503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770759517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ad37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770851052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Ac2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494431"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770918006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770332067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494726"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3A1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf?arch=s390x\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770913862"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770495424"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494649"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3Ab01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3Acfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770764461"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3A0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Aa644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770759517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3Aee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ac5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770851052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3Ab151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494431"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3Ad8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770918006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770332067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494726"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Abb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472?arch=ppc64le\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770913862"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"product_id": "registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-rhel9@sha256%3A080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770495424"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"product": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"product_id": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"product_identification_helper": {
"purl": "pkg:oci/code-sshd-rhel9@sha256%3A4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494649"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"product": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"product_id": "registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"product_identification_helper": {
"purl": "pkg:oci/configbump-rhel9@sha256%3A46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404535"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"product": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"product_id": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"product_identification_helper": {
"purl": "pkg:oci/dashboard-rhel9@sha256%3Aa67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770764461"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"product": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"product_id": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"product_identification_helper": {
"purl": "pkg:oci/imagepuller-rhel9@sha256%3Ad198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"product": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"product_id": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"product_identification_helper": {
"purl": "pkg:oci/jetbrains-ide-rhel9@sha256%3Acb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770759517"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"product": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"product_id": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/machineexec-rhel9@sha256%3A75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770404430"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"product": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"product_id": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"product_identification_helper": {
"purl": "pkg:oci/openvsx-rhel9@sha256%3Ab69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770851052"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"product": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"product_id": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"product_identification_helper": {
"purl": "pkg:oci/devspaces-rhel9-operator@sha256%3A740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494431"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"product": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"product_id": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"product_identification_helper": {
"purl": "pkg:oci/pluginregistry-rhel9@sha256%3A48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770918006"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"product": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"product_id": "registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"product_identification_helper": {
"purl": "pkg:oci/server-rhel9@sha256%3A967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770332067"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"product": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"product_id": "registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"product_identification_helper": {
"purl": "pkg:oci/traefik-rhel9@sha256%3A7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770494726"
}
}
},
{
"category": "product_version",
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64",
"product": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64",
"product_id": "registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64",
"product_identification_helper": {
"purl": "pkg:oci/udi-rhel9@sha256%3Af3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5?arch=arm64\u0026repository_url=registry.redhat.io/devspaces\u0026tag=1770913862"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64"
},
"product_reference": "registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x"
},
"product_reference": "registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x"
},
"product_reference": "registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64"
},
"product_reference": "registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64"
},
"product_reference": "registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x"
},
"product_reference": "registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64"
},
"product_reference": "registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
},
"product_reference": "registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64 as a component of Red Hat OpenShift Dev Spaces (RHOSDS) 3.26",
"product_id": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
},
"product_reference": "registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64",
"relates_to_product_reference": "Red Hat OpenShift Dev Spaces (RHOSDS) 3.26"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-6176",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2025-10-31T01:00:56.408048+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2408762"
}
],
"notes": [
{
"category": "description",
"text": "Scrapy are vulnerable to a denial of service (DoS) attack due to a flaw in its brotli decompression implementation. The protection mechanism against decompression bombs fails to mitigate the brotli variant, allowing remote servers to crash clients with less than 80GB of available memory. This occurs because brotli can achieve extremely high compression ratios for zero-filled data, leading to excessive memory consumption during decompression.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. The flaw in Scrapy\u0027s brotli decompression implementation allows remote attackers to trigger a denial of service by sending specially crafted brotli-compressed data. This can lead to excessive memory consumption and system instability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-6176"
},
{
"category": "external",
"summary": "RHBZ#2408762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2408762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-6176"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-6176",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-6176"
},
{
"category": "external",
"summary": "https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0",
"url": "https://huntr.com/bounties/2c26a886-5984-47ee-a421-0d5fe1344eb0"
}
],
"release_date": "2025-10-31T00:00:21.219000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T18:20:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Scrapy: python-scrapy: brotli: Python brotli decompression bomb DoS"
},
{
"cve": "CVE-2025-15467",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2026-01-16T14:21:50.710000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2430376"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in OpenSSL. A remote attacker can exploit a stack buffer overflow vulnerability by supplying a crafted Cryptographic Message Syntax (CMS) message with an oversized Initialization Vector (IV) when parsing AuthEnvelopedData structures that use Authenticated Encryption with Associated Data (AEAD) ciphers such as AES-GCM. This can lead to a crash, causing a Denial of Service (DoS), or potentially allow for remote code execution.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability is rated Important for Red Hat products. On Red Hat Enterprise Linux, OpenSSL is built with stack protections enabled which mitigate the risk of code execution though a denial-of-service condition remains possible. This vulnerability only affects applications and services that parse untrusted CMS or PKCS#7 content using AEAD ciphers, such as Kerberos using the PKINIT plugin. OpenSSL versions 1.1.1 and 1.0.2 are not affected by this issue.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-15467"
},
{
"category": "external",
"summary": "RHBZ#2430376",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2430376"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-15467",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-15467"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-15467"
}
],
"release_date": "2026-01-27T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T18:20:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openssl: OpenSSL: Remote code execution or Denial of Service via oversized Initialization Vector in CMS parsing"
},
{
"cve": "CVE-2025-61726",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2026-01-28T20:01:42.791305+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2434432"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted HTTP request containing a massive number of query parameters will cause the application to consume an excessive amount of memory, eventually causing the application to crash or become unresponsive, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: net/url: Memory exhaustion in query parameter parsing in net/url",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "To exploit this flaw, an attacker must be able to send a specially crafted HTTP request to an application parsing URL-encoded forms with net/url, specifically a request containing a large number of unique query parameters. The request will cause the application to consume an excessive amount of memory and eventually result in a denial of service, with no impact to confidentiality or integrity. Due to this reason, this vulnerability has been rated with an important severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61726"
},
{
"category": "external",
"summary": "RHBZ#2434432",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2434432"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61726",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61726"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61726"
},
{
"category": "external",
"summary": "https://go.dev/cl/736712",
"url": "https://go.dev/cl/736712"
},
{
"category": "external",
"summary": "https://go.dev/issue/77101",
"url": "https://go.dev/issue/77101"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc",
"url": "https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4341",
"url": "https://pkg.go.dev/vuln/GO-2026-4341"
}
],
"release_date": "2026-01-28T19:30:31.215000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T18:20:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"category": "workaround",
"details": "Red Hat has investigated whether a possible mitigation exists for this issue, and has not been able to identify a practical example. Please update the affected package as soon as possible.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "golang: net/url: Memory exhaustion in query parameter parsing in net/url"
},
{
"cve": "CVE-2025-61732",
"discovery_date": "2026-02-05T05:00:47.678207+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2437016"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Go\u0027s \u0027cgo tool\u0027. This vulnerability arises from a discrepancy in how Go and C/C++ comments are parsed, which allows for malicious code to be hidden within comments and then \"smuggled\" into the compiled `cgo` binary. An attacker could exploit this to embed and execute arbitrary code, potentially leading to significant system compromise.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This is an Important vulnerability in the `cmd/cgo` component of the Go toolchain. A parsing discrepancy between Go and C/C++ comments could allow for code smuggling into the resulting `cgo` binary. This primarily affects systems where untrusted Go modules utilizing `cgo` are built, impacting Red Hat Enterprise Linux and OpenShift Container Platform.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-61732"
},
{
"category": "external",
"summary": "RHBZ#2437016",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2437016"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-61732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-61732"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-61732"
},
{
"category": "external",
"summary": "https://go.dev/cl/734220",
"url": "https://go.dev/cl/734220"
},
{
"category": "external",
"summary": "https://go.dev/issue/76697",
"url": "https://go.dev/issue/76697"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk",
"url": "https://groups.google.com/g/golang-announce/c/K09ubi9FQFk"
},
{
"category": "external",
"summary": "https://pkg.go.dev/vuln/GO-2026-4433",
"url": "https://pkg.go.dev/vuln/GO-2026-4433"
}
],
"release_date": "2026-02-05T03:42:26.392000+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T18:20:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "cmd/cgo: Go cgo: Code smuggling due to comment parsing discrepancy"
},
{
"acknowledgments": [
{
"names": [
"treeplus"
]
}
],
"cve": "CVE-2026-0719",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2026-01-08T12:09:43.352000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2427906"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was identified in the NTLM authentication handling of the libsoup HTTP library, used by GNOME and other applications for network communication. When processing extremely long passwords, an internal size calculation can overflow due to improper use of signed integers. This results in incorrect memory allocation on the stack, followed by unsafe memory copying. As a result, applications using libsoup may crash unexpectedly, creating a denial-of-service risk.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The Red Hat Product Security team has assessed this vulnerability as Important severity due to its remote exploitability and lack of authentication requirements. Successful exploitation allows an attacker to crash any client or service using libsoup\u2019s NTLM authentication mechanism. The root cause is improper handling of signed integer arithmetic, which leads to stack buffer overflow and denial-of-service.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-0719"
},
{
"category": "external",
"summary": "RHBZ#2427906",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2427906"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-0719",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-0719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-0719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-0719"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/477",
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/477"
}
],
"release_date": "2026-01-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T18:20:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"category": "workaround",
"details": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication"
},
{
"acknowledgments": [
{
"names": [
"Naoki Wakamatsu"
]
}
],
"cve": "CVE-2026-1761",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2026-02-02T12:51:56.172000+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2435961"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted multipart HTTP response, which can lead to memory corruption. This issue may result in application crashes or arbitrary code execution in applications that process untrusted server responses, and it does not require authentication or user interaction.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This IMPORTANT flaw in libsoup involves a stack-based buffer overflow during the parsing of multipart HTTP responses. A remote attacker can exploit this vulnerability by sending a specially crafted response, leading to memory corruption and potentially arbitrary code execution or application crashes in Red Hat products that utilize libsoup to process untrusted server responses. This issue does not require authentication or user interaction.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"known_not_affected": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2026-1761"
},
{
"category": "external",
"summary": "RHBZ#2435961",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2435961"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2026-1761",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-1761"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2026-1761",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-1761"
},
{
"category": "external",
"summary": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/493",
"url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/493"
}
],
"release_date": "2026-02-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2026-02-17T18:20:32+00:00",
"details": "Before applying this update, make sure all previously released errata relevant to your system have been applied.\nFor details on how to apply this update, refer to:\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2026:2844"
},
{
"category": "workaround",
"details": "To mitigate this issue, applications utilizing libsoup that process HTTP responses should be configured to only communicate with trusted endpoints. Implement network egress filtering to restrict vulnerable applications from connecting to untrusted external services, thereby reducing the exposure to specially crafted multipart HTTP responses.",
"product_ids": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:07b5aa25be771e9205eeec6b99eba468e856fe613ce1f14f56fe1a1987bebff1_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:080f5c8c0036ff152960bace14a46d838aaab50d005b02741ba26d08fc040249_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:a03a86747f6191a55ba5a95383124c93fcbba2b137da04fe6b9508a2e54a2a86_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-rhel9@sha256:d93b78cc40286233dd48bf7bb91eab892329bb56367c03e4e2cf36e565917209_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:4aff583803de7ebd055aa820c3167cf60fd65c4c5192cb86af65803c552871ec_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:6c0618a262457b1e209870c64225082c01200807b2ae338063425d3aa2f96fcc_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:a9a3ee20941be2f803fc3d5ac9f14ebdc4bea275927f56696aaf9ba8b4900c74_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/code-sshd-rhel9@sha256:e81bba6aea603106046eaf3196d785d1ae63eb82b8b2d5799c2e8757ca30fb4b_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:2dd449320ffd135b13cc7a43392f8be402c6b21677e949b6cb23d90c25b2af27_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:46e17c423ab487e330913b8f7addd7f4625e5f74385104e5856c01f78ef31d09_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:b01aa02ff03139120d3316da77ec4a0b4423c3c5561a3a1113732eedabe9aecd_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/configbump-rhel9@sha256:ffdb6bd87cb727dd99df7a9b3c160bd26fc113957bb22dc442cd38ba6b56d485_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:20b0660092b3a3c069c06aae34f3306bcd655d58e33f7b8ce168aa3f21ccfef1_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:48de995db52924f4a20fc4c62c18a62223b3ef05ac5b5008dcb3628a4ee2767e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:a67220640f3cbaea11bc4e47a36fc852152620bc50a81cdf155c56374b2cc546_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/dashboard-rhel9@sha256:cfba0a1117e348ee5252289beaca5affdff3dc4a0e4cfc87f7b3ed20db16c1db_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-operator-bundle@sha256:1da81db973a6033fbe12a59e877335bf194ec4563b61e530a44326915518f788_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:740fb67de0e874261cf456ab601b9c5a2de47912d04375172c36ee2110c54594_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:7ca3cba246b8d1163fcbbb2d4798a27b5e123f36b5155e0c563747316f09b09f_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:b151b96c8187c820c6e91e6bc2a3048839e5b3dc883cec69bb04e46a875c6f74_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/devspaces-rhel9-operator@sha256:c2c57991cc8bdda2882836401980b05d81bb254d8f6002cc345fbb985e43c258_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:0265615072824fe889c5bd3d1f40d8027c38236718ec3c994bc327583e4e4885_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:24e0cccde7ea62cc4371acaa567e3e180c01941fa35844088bc73a4b27e5281e_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:8704addd93ca4fbbf4a585084775de2fe496e7641b1406a426d29e107d86119c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/imagepuller-rhel9@sha256:d198c71d91965b65f49eea8497a7574cb8d7a9599c54fa95d8d8cd12f60c6c81_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:a644a873fe159eece3e6ce341eceb7b7a4fe62f5e835e604aaf8574735d960ca_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:b503ab30512cc9bf3cfa89f5a8b09a591b038f61c22d1b2777477f40bbdbec0b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:cb7dfb0bcf96a8f8ddeea922aa9be138b734b085267e2ce6a89390a51349f57d_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/jetbrains-ide-rhel9@sha256:f13b292f3ab98895a8d07f4b4637af2c8fe0b45dd4609e3a2a2548b9dfb239d1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:3d277b876221d34650e2e7dd6368fd0892f9f535424c77ff1219df36c3972939_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:75097ff55bd9c180931c8db38709e70e3909fa17e2a7ed0949ffe02de01a468a_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:e724671480f0db043ff01c510cf3665833976806b3fb3fe64c4f186c3d445e7c_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/machineexec-rhel9@sha256:ee21dfe4d927a49196e81782875e88bd564c48c620ec07444a07387f9e4b6889_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:619c10386e0224e5228876a434c5b8d78d251bc383e2a9491503d6ceddd33c96_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:b69f3ac7efeae55c89036c589536b264f1a1e2431d120ea625c1045fc9d7de79_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:c5e4373203140944e469e0306311911cde0231b24d256bb9c65e3150558efd3c_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/openvsx-rhel9@sha256:d37e4c1f6f9bcebfb5ef805284b343d98d6e742adb589ade746321eade5863b4_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:25de67b5c2c60597173d977b2a09ecd14a9b2d60c4fd24ac0c8bf3c1ac6c000e_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:26dd9fb71bfad01a9a62e5cd83768146120efea71107c89cd8ce3361e7c73b4b_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:48d31aa446fe1033ad770ed74442053bcee5102035a9c618fb81cde1743a9692_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/pluginregistry-rhel9@sha256:d8203704e7ee44c7937b1c81166c63c002a8a09de0e38b04a3cc1e60ad94adcf_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:049c2ef7242b5ba8f80c623fb9d3a1577ade9470547119d45e5dbe1c6889b097_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:21a2cb587fce8d547f8cc31c97243bbf2bf30e8cccb64a772d60df40c909f221_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:506a7942298ea0fe39bd7cc794b9b8c374d91b38c194af3f8ec05b2d0b008205_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/server-rhel9@sha256:967d1fa6c419ed553a04addc4ca15b80ec83dc5c6899194514324eb4c79afa68_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:38f746ee7214cd30a440b754f9fa6d72e3bd802eb868e13eec139fb643e20dbc_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:7663c30c4bd9750038838a7131b680130e85f4a8d5aa41741ce4aecab7bede8b_arm64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:8ea5bdee69a073ae7a741c6fe6d770d2ed87b0c0143885fca06a49d2a0036612_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/traefik-rhel9@sha256:ccedf18e442831008f1c63721c6bf536436af0024279151044dd2d8c5e87f684_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:1a9e80f609eaf33cc252400a5e4371096dc549cbf9364e95dc6f38144fdb8bdf_s390x",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:90f6995edd69f00118cad45ab7c6d4683a99c2de2b3202f017d108cd4aadccc1_amd64",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:bb9f0ee4fa785a4c3d4a3f6f5e177f4a41350ccef40bc53bfeedee2d52061472_ppc64le",
"Red Hat OpenShift Dev Spaces (RHOSDS) 3.26:registry.redhat.io/devspaces/udi-rhel9@sha256:f3428de9e2ede29629694ab02ff8ca25543f3bc8a7300d1de95c00724e31c4b5_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response Parsingmultipart HTTP response"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…